qnodeservice | 64d0c0ae9c3977f16d8f1821eb03fee9f0ee4120c48cdb08a27dbd2af10dd5a7 | Triage

Submit
Reports

Overview

overview

Static

static

PAYMENT SLIP.jar

windows7_x64

PAYMENT SLIP.jar

windows10_x64

Analysis

max time kernel
150s
max time network
12s
platform
windows7_x64
resource
win7v20201028
submitted
09-11-2020 19:30

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

PAYMENT SLIP.jar

Resource

win7v20201028

qnodeservice trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PAYMENT SLIP.jar

Resource

win10v20201028

qnodeservice trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

PAYMENT SLIP.jar
Size

8KB
MD5

7ca120978147daae9bc122118170250e
SHA1

4140d33fb3cbb0c5207514f94e2ba9a6ef51f0a3
SHA256

64d0c0ae9c3977f16d8f1821eb03fee9f0ee4120c48cdb08a27dbd2af10dd5a7
SHA512

f8927ca4fdb68c2b489c4a9637c6cc6b91471d57bc08c3a28384a36c6a90017819be3fb4119dee146ac590fa85185ff8b72a2bb2e9ae25c26a48c2f800c57dba

Score

10^/10

qnodeservice trojan

Malware Config

Signatures

QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
trojan qnodeservice

Processes

C:\Windows\system32\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\PAYMENT SLIP.jar"
1⤵
PID:292

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy