qnodeservice | 0a125f7c1cfe7096eed332cbb06df68aa8672282c6cd242ee98bd719854e13c2 | Triage

Submit
Reports

Overview

overview

Static

static

Najran PR ...91.jar

windows7_x64

Najran PR ...91.jar

windows10_x64

Analysis

max time kernel
150s
max time network
126s
platform
windows7_x64
resource
win7v20201028
submitted
09-11-2020 19:37

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Najran PR 12000191.jar

Resource

win7v20201028

qnodeservice trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Najran PR 12000191.jar

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

Najran PR 12000191.jar
Size

7KB
MD5

c3f9c8f0c39093d32c790b5716c50a83
SHA1

268636b06b917dd6dbf2ecfec030d4e1c1dad41f
SHA256

0a125f7c1cfe7096eed332cbb06df68aa8672282c6cd242ee98bd719854e13c2
SHA512

49d1af479f7d6a77689b5d36d33de2000b0a05c102383748774a7a5f368aa08ed85dd7e22c915395e502eaaf5ed914db3b2a605fe09b8829fada7529240619c3

Score

10^/10

qnodeservice trojan

Malware Config

Signatures

QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
trojan qnodeservice

Processes

C:\Windows\system32\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\Najran PR 12000191.jar"
1⤵
PID:1632

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy