Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
LOI 1000MT.jar
-
Size
12KB
-
Sample
200707-1kqgl5xsna
-
MD5
f5f8a528c5825a1fa032327e128c5320
-
SHA1
b43c86e9d2f3cce0766257e44122fe2216365b05
-
SHA256
dcb9f8cbe1da85545179a3c9a0f6c84f9ad0c4612d2e4ae6b4320ee35d041396
-
SHA512
01db263883a1b1da27963eb574fd4d05f0c1283f8d2b44b65cd4a876eb36b03d782e8e1fd6c422bdd1097802e36fd8aef91e01ade1ea540f4e5c3b9ff034f015
Static task
static1
Behavioral task
behavioral1
Sample
LOI 1000MT.jar
Resource
win7v200430
Behavioral task
behavioral2
Sample
LOI 1000MT.jar
Resource
win10v200430
Malware Config
Targets
-
-
Target
LOI 1000MT.jar
-
Size
12KB
-
MD5
f5f8a528c5825a1fa032327e128c5320
-
SHA1
b43c86e9d2f3cce0766257e44122fe2216365b05
-
SHA256
dcb9f8cbe1da85545179a3c9a0f6c84f9ad0c4612d2e4ae6b4320ee35d041396
-
SHA512
01db263883a1b1da27963eb574fd4d05f0c1283f8d2b44b65cd4a876eb36b03d782e8e1fd6c422bdd1097802e36fd8aef91e01ade1ea540f4e5c3b9ff034f015
Score10/10-
QNodeService
is a trojan written in NodeJS and spread via Java downloader. Utilizes stealer functionality.
-
QNodeService NodeJS Trojan
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run entry to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-