Resubmissions

05-06-2022 12:18

220605-pgyzjsaca9 4

19-10-2020 00:44

201019-1lrwtdmymj 10

General

  • Target

    f80a0b2708893179f10771d1656875f67d6a9fba78ffcfe14485aae21b31dc55.zip

  • Size

    208KB

  • Sample

    201019-1lrwtdmymj

  • MD5

    e1eeb6dc12267f8ecfcbd6b990771042

  • SHA1

    2ab80f6cb8334c8b9a1eca19019043c0db71f094

  • SHA256

    685faf9930e594f4cfe598d461b384abee2baa18e5d766592c4c58a45e00700d

  • SHA512

    4dc3569879d436efe136a653090fe1402d3f0964491e07666bc1317001c1bf96bc4716fe92cc94379a522bb2775aefde24eec7719c390ccb9117720e5794fc68

Score
10/10

Targets

    • Target

      f80a0b2708893179f10771d1656875f67d6a9fba78ffcfe14485aae21b31dc55.jar

    • Size

      209KB

    • MD5

      369eb059f2b5b98c7b42e14fad64c2a7

    • SHA1

      84c74b6512664d339f7f49a5368f9a6fdf6025e4

    • SHA256

      f80a0b2708893179f10771d1656875f67d6a9fba78ffcfe14485aae21b31dc55

    • SHA512

      8cccf82be1dd1fc9b4375c1c066f077b5433fa82d03bc46c90a5ae1b348b1c5deab9ea45313720f222a45316751189ea887c526d30cf80188f74db76771093bb

    Score
    10/10
    • QNodeService

      Trojan/stealer written in NodeJS and spread via Java downloader.

    • Executes dropped EXE

    • JavaScript code in executable
