SolarMarker Malware Research
Research notes related to SolarMarker / Jupyter activity, including SEO poisoning delivery, PowerShell behavior, infostealer components, infrastructure, and detection opportunities.
Research Focus
- SEO poisoning and delivery
  Analysis focus includes search-result abuse, fake documents, installer chains, lure content, and distribution patterns.
- PowerShell and payload behavior
  Tracking execution chains, script behavior, staged payloads, persistence, and artifacts associated with SolarMarker activity.
- Infostealer indicators
  Useful hunting areas include file paths, command lines, network endpoints, process relationships, registry changes, and related host artifacts.
- Related blog posts
  SolarMarker and Jupyter-related writeups can be found through the blog label page.