General

  • Target

    INVOICE#1608.jar

  • Size

    74KB

  • Sample

    201027-xy2xdyhmwa

  • MD5

    dc133c7480dbe52eda437d9cdf5a1570

  • SHA1

    a1e36cabc5eb441292db4e8813659923db83b7ff

  • SHA256

    95325c40661f2bfce78d8c9793a672bd7b9dc0783f154956924385e1615f9a65

  • SHA512

    16a8eb3d038510ea6f5b7d3178d43dd034a8ae9c95d07f393b4843d3a4dd4aedca7ebfb4e308bfef3c4b6babad647170acb09e98977391150b835cd742f5d18c

Score
10/10

Targets

    • QNodeService

      Trojan/stealer written in NodeJS and spread via Java downloader.

    • Executes dropped EXE

    • JavaScript code in executable
