Analysis Overview
score
10/10
SHA256
870f691ec9a83e9c4acce142e0acbf110260e6c8e707410c23c02076244f3973
Threat Level: Known bad
The file 870f691ec9a83e9c4acce142e0acbf110260e6c8e707410c23c02076244f3973 was found to be: Known bad.
Malicious Activity Summary
Jupyter Backdoor/Client payload
Jupyter family
Unsigned PE
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-08-09 08:41
Signatures
Jupyter Backdoor/Client payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Jupyter family
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-09 08:41
Reported
2024-08-09 08:42
Platform
win10v2004-20240802-en
Max time kernel
30s
Max time network
23s
Command Line
rundll32.exe C:\Users\Admin\AppData\Local\Temp\870f691ec9a83e9c4acce142e0acbf110260e6c8e707410c23c02076244f3973.dll,#1
Signatures
N/A
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\870f691ec9a83e9c4acce142e0acbf110260e6c8e707410c23c02076244f3973.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | udp |
Files
N/A