win.solarmarker (Back to overview)

solarmarker

aka: Jupyter, Polazert, Yellow Cockatoo

There is no description at this point.

References
2022-04-27 | eSentire | eSentire Threat Response Unit (TRU)
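% Corporate author: the extra pair of braces keeps the unit name as one
% indivisible name instead of letting it be split into first/last parts.
@online{tru:20220427:esentire:64541e7,
  author       = {{eSentire Threat Response Unit (TRU)}},
  title        = {{eSentire Threat Intelligence Malware Analysis: SolarMarker}},
  date         = {2022-04-27},
  organization = {eSentire},
  url          = {https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-solarmarker},
  language     = {English},
  urldate      = {2022-05-05},
}
eSentire Threat Intelligence Malware Analysis: SolarMarker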
solarmarker
2022-04-08 | Palo Alto Networks Unit 42 | Shimi Cohen, Inbal Shalev, Irena Damsky
@online{cohen:20220408:new:6c99a64,
  author       = {Cohen, Shimi and Shalev, Inbal and Damsky, Irena},
  title        = {{New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns}},
  date         = {2022-04-08},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/solarmarker-malware/},
  language     = {English},
  urldate      = {2022-04-14},
}
New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns
solarmarker
2022-02-01 | Sophos | Gabor Szappanos, Sean Gallagher
@online{szappanos:20220201:solarmarker:597b088,
  author       = {Szappanos, Gabor and Gallagher, Sean},
  title        = {{SolarMarker campaign used novel registry changes to establish persistence}},
  date         = {2022-02-01},
  organization = {Sophos},
  url          = {https://news.sophos.com/en-us/2022/02/01/solarmarker-campaign-used-novel-registry-changes-to-establish-persistence/},
  language     = {English},
  urldate      = {2022-02-02},
}
SolarMarker campaign used novel registry changes to establish persistence
solarmarker
2022-01-13 | Blackberry | The BlackBerry Research & Intelligence Team
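% Corporate author: double-braced so the team name is one indivisible name,
% and the ampersand is escaped so it does not reach LaTeX as an alignment tab.
@online{team:20220113:threat:8a5c973,
  author       = {{The BlackBerry Research \& Intelligence Team}},
  title        = {{Threat Thursday: Jupyter Infostealer is a Master of Disguise}},
  date         = {2022-01-13},
  organization = {Blackberry},
  url          = {https://blogs.blackberry.com/en/2022/01/threat-thursday-jupyter-infostealer-is-a-master-of-disguise},
  language     = {English},
  urldate      = {2022-01-24},
}
Threat Thursday: Jupyter Infostealer is a Master of Disguise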
solarmarker
2021-10-28 | PRODAFT Threat Intelligence | PRODAFT
@techreport{prodaft:20211028:solarmarker:6c54c24,
  author      = {PRODAFT},
  title       = {{Solarmarker In-Depth Analysis}},
  date        = {2021-10-28},
  institution = {PRODAFT Threat Intelligence},
  url         = {https://www.prodaft.com/m/reports/Solarmarker_TLPWHITEv2.pdf},
  language    = {English},
  urldate     = {2021-11-03},
}
Solarmarker In-Depth Analysis
solarmarker
2021-09-21 | Morphisec | Nadav Lorber
@online{lorber:20210921:new:117cc51,
  author       = {Lorber, Nadav},
  title        = {{New Jupyter Evasive Delivery through MSI Installer}},
  date         = {2021-09-21},
  organization = {Morphisec},
  url          = {https://blog.morphisec.com/new-jupyter-evasive-delivery-through-msi-installer},
  language     = {English},
  urldate      = {2021-09-22},
}
New Jupyter Evasive Delivery through MSI Installer
solarmarker
2021-08-09 | Minerva Labs | Minerva Labs
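% Corporate author: double-braced so "Minerva Labs" is not parsed as
% given name "Minerva" and family name "Labs".
@online{labs:20210809:thwarting:cff4148,
  author       = {{Minerva Labs}},
  title        = {{Thwarting Jupyter Stealer}},
  date         = {2021-08-09},
  organization = {Minerva Labs},
  url          = {https://blog.minerva-labs.com/new-iocs-of-jupyter-stealer},
  language     = {English},
  urldate      = {2021-12-17},
}
Thwarting Jupyter Stealer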
solarmarker
2021-07-29 | Talos Intelligence | Andrew Windsor, Chris Neal
@online{windsor:20210729:talos:6cba25b,
  author       = {Windsor, Andrew and Neal, Chris},
  title        = {{Talos Spotlight: Solarmarker}},
  date         = {2021-07-29},
  organization = {Talos Intelligence},
  url          = {https://blog.talosintelligence.com/2021/07/threat-spotlight-solarmarker.html#more},
  language     = {English},
  urldate      = {2021-09-02},
}
Talos Spotlight: Solarmarker
solarmarker
2021-07-16 | Binary Defense | Binary Defense
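% Corporate author: double-braced so "Binary Defense" is not parsed as
% given name "Binary" and family name "Defense".
@online{defense:20210716:marsdeimos:c0e4144,
  author       = {{Binary Defense}},
  title        = {{Mars-Deimos: From Jupiter to Mars and Back again (Part Two)}},
  date         = {2021-07-16},
  organization = {Binary Defense},
  url          = {https://www.binarydefense.com/mars-deimos-from-jupiter-to-mars-and-back-again-part-two/},
  language     = {English},
  urldate      = {2021-07-24},
}
Mars-Deimos: From Jupiter to Mars and Back again (Part Two)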
solarmarker
2021-07-06 | Binary Defense | Binary Defense
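% Corporate author: double-braced so "Binary Defense" is not parsed as
% given name "Binary" and family name "Defense".
@online{defense:20210706:marsdeimos:ebe87c7,
  author       = {{Binary Defense}},
  title        = {{Mars-Deimos: SolarMarker/Jupyter Infostealer (Part 1)}},
  date         = {2021-07-06},
  organization = {Binary Defense},
  url          = {https://www.binarydefense.com/mars-deimos-solarmarker-jupyter-infostealer-part-1/},
  language     = {English},
  urldate      = {2021-07-24},
}
Mars-Deimos: SolarMarker/Jupyter Infostealer (Part 1)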
solarmarker
2021-06-20 | Squiblydoo | Squiblydoo
@online{squiblydoo:20210620:marsdeimos:f574072,
  author       = {Squiblydoo},
  title        = {{Mars-Deimos: From Jupiter to Mars and Back again (Part Two)}},
  date         = {2021-06-20},
  organization = {Squiblydoo},
  url          = {https://squiblydoo.blog/2021/06/20/mars-deimos-from-jupiter-to-mars-and-back-again-part-two/},
  language     = {English},
  urldate      = {2021-12-17},
}
Mars-Deimos: From Jupiter to Mars and Back again (Part Two)
solarmarker
2021-06-11 | Twitter (@MsftSecIntel) | Microsoft Security Intelligence
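% Corporate author: double-braced so the organisation name stays one
% indivisible name instead of being split into given and family parts.
@online{intelligence:20210611:solarmarkerjupyter:86c4f14,
  author       = {{Microsoft Security Intelligence}},
  title        = {{Tweet on solarmarker/Jupyter malware}},
  date         = {2021-06-11},
  organization = {Twitter (@MsftSecIntel)},
  url          = {https://twitter.com/MsftSecIntel/status/1403461397283950597},
  language     = {English},
  urldate      = {2021-06-21},
}
Tweet on solarmarker/Jupyter malware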
solarmarker
2021-04-13 | eSentire | eSentire
@online{esentire:20210413:hackers:bc5d7af,
  author       = {eSentire},
  title        = {{Hackers Flood the Web with 100,000 Malicious Pages, Promising Professionals Free Business Forms, But Delivering Malware, Reports eSentire}},
  date         = {2021-04-13},
  organization = {eSentire},
  url          = {https://www.esentire.com/security-advisories/hackers-flood-the-web-with-100-000-malicious-pages-promising-professionals-free-business-forms-but-are-delivering-malware-reports-esentire},
  language     = {English},
  urldate      = {2021-04-16},
}
Hackers Flood the Web with 100,000 Malicious Pages, Promising Professionals Free Business Forms, But Delivering Malware, Reports eSentire
solarmarker
2021-02-08 | CrowdStrike | Tom Simpson, Tom Henry, Seb Walla
@online{simpson:20210208:blocking:c4fb4be,
  author       = {Simpson, Tom and Henry, Tom and Walla, Seb},
  title        = {{Blocking SolarMarker Backdoor}},
  date         = {2021-02-08},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/solarmarker-backdoor-technical-analysis/},
  language     = {English},
  urldate      = {2021-02-09},
}
Blocking SolarMarker Backdoor
solarmarker
2020-12-20 | Security Magic | Security Magic
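% Blog name used as author: double-braced so "Security Magic" is not parsed
% as given name "Security" and family name "Magic".
@online{magic:20201220:tracking:9d75102,
  author       = {{Security Magic}},
  title        = {{Tracking Jupyter Malware}},
  date         = {2020-12-20},
  organization = {Security Magic},
  url          = {https://security5magics.blogspot.com/2020/12/tracking-jupyter-malware.html},
  language     = {English},
  urldate      = {2021-06-29},
}
Tracking Jupyter Malware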
solarmarker
2020-11-12 | Morphisec | Arnold Osipov
@online{osipov:20201112:threat:05d4acd,
  author       = {Osipov, Arnold},
  title        = {{Threat Profile: JUPYTER INFOSTEALER}},
  date         = {2020-11-12},
  organization = {Morphisec},
  url          = {https://blog.morphisec.com/jupyter-infostealer-backdoor-introduction},
  language     = {English},
  urldate      = {2021-12-17},
}
Threat Profile: JUPYTER INFOSTEALER
solarmarker

There is no Yara-Signature yet.