jupyter | 336101572125e2ac77ba7077cad820578294cb7e433df48939dfaee6ac1a8729 | Triage

Submit
Reports

Overview

overview

Static

static

1

renamed file.msi

windows7-x64

7

renamed file.msi

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_336101572125e2ac77ba7077cad820578294cb7e433df48939dfaee6ac1a8729
Size

1.9MB
Sample

241229-je9qdawpfj
MD5

dab55780f8a6c5036c1e0a8791cc607f
SHA1

86bf4eaf9ba846ff6b0137f3b2edcf2d0d7277ee
SHA256

336101572125e2ac77ba7077cad820578294cb7e433df48939dfaee6ac1a8729
SHA512

9cea10cf42fbc42ec0d9c359d31f7260f402716c437afc085976a2bed2ff9314d323633869cdb654b7e82a1f0ef90de159f463b1d2768a3ae5646833758c4ca6
SSDEEP

24576:qwnCK/uTz0wSJXrOPQrVCeaQr4cI+vhyda00ips2oZm4yZbc6hru:YLSJSPGiZxmhbRipcxyZbtha

Score

10^/10

jupyter backdoor discovery execution stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

renamed file.msi

Resource

win7-20240903-en

discovery execution

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

renamed file.msi

Resource

win10v2004-20241007-en

jupyter backdoor discovery execution stealer trojan

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Extracted

Family

jupyter

Version

OC-8

C2

http://37.221.114.23

Targets

- Target
  
  renamed file.msi
- Size
  
  101.7MB
- MD5
  
  d32bff7790a7a7cc09e3fd8a604e4462
- SHA1
  
  8097f23668557b2dcdf6d3aca285c0d499b5c78f
- SHA256
  
  3303926a6468dab25286a65bb9f3e5883a8938e6501031b3b85e21f182d1ed0d
- SHA512
  
  cc5f0ff6e7121970c98efe91dff8846c0216faab8daac0102ece6110cb05d2e4504edd2b191c1f0a571a503c4ea3c51add920b22db9696e70579d5d246a43ac0
- SSDEEP
  
  49152:cwxcLDe+cpl7+GgVVN7HgTrztiIpqtSZFmD:Pa/MpZGgTFZFmD
Score

10^/10

discovery execution jupyter backdoor stealer trojan
- Jupyter Backdoor/Client payload
- Jupyter family
  jupyter
- Jupyter, SolarMarker
  Jupyter is a backdoor and infostealer first seen in mid 2020.
  backdoor trojan stealer jupyter
- Drops startup file
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

jupyterbackdoordiscoveryexecutionstealertrojan

© 2018-2025

Terms | Privacy