Analysis Overview
score
10/10
SHA256
10fc8f8cf1b45a6a6b2b929414a84fc513f80d31b988c3d70f9a21968e943bf2
Threat Level: Known bad
The file 10fc8f8cf1b45a6a6b2b929414a84fc513f80d31b988c3d70f9a21968e943bf2 was found to be: Known bad.
Malicious Activity Summary
Jupyter family
Jupyter Backdoor/Client payload
Unsigned PE
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-08-09 08:47
Signatures
Jupyter Backdoor/Client payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Jupyter family
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-09 08:47
Reported
2024-08-09 08:48
Platform
win10v2004-20240802-en
Max time kernel
30s
Max time network
4s
Command Line
rundll32.exe C:\Users\Admin\AppData\Local\Temp\10fc8f8cf1b45a6a6b2b929414a84fc513f80d31b988c3d70f9a21968e943bf2.dll,#1
Signatures
N/A
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\10fc8f8cf1b45a6a6b2b929414a84fc513f80d31b988c3d70f9a21968e943bf2.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | udp | |
| N/A | 40.68.123.157:443 | tcp |
Files
N/A