Jupyter Rising: An Update on Jupyter Infostealer [Tuesday, November 7, 2023]

Description :
New Jupyter Infostealer variants continue to evolve with simple yet impactful changes to the techniques used by the malware author. These changes aim to avoid detection and establish persistence, enabling the attacker to stealthily compromise victims.

Published :
2023-11-07T14:19:31.446Z

Created :
2023-11-07T14:19:31.446Z

Modified :
2023-11-07T14:29:23.506Z

Tags

  • powershell
  • infostealer
  • firefox
  • installer
  • chrome
  • solarmarker
  • polazert
  • jupyter
  • defense evasion
  • mdr team
  • autodesk

Indicators

IPv4s :
Hashes :
Attack Patterns :
  • T1552.001
  • T1547
  • T1036
  • T1055
  • T1070
  • T1112
  • T1204
  • T1005
  • T1027
  • T1105
  • T1059
  • T1083
  • T1082
  • T1041
About the author
Julien B.

Securitricks
