Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    09-11-2020 19:29

General

  • Target

    order PC1746006-70320-ACBEL POLYTECH INC.jar

  • Size

    5KB

  • MD5

    958702cfd18f75c38357c0b9b3c48bac

  • SHA1

    8b3a1aa5674d36569157da272226535c8354fa28

  • SHA256

    fb8e064fb9ecee06da6211f9440d87edc2a3f9e8a929894077815ab85459d6e1

  • SHA512

    e690fcb8eae027880915d8b3d1deaa387e55af4368bc2700d17dc5aaa05954c5a9ddb79e99de48462f3ecfcd6ea6f8d63f2be9fedf05d9f5c750dce5defdd6cd

Score
10/10

Malware Config

Signatures

  • QNodeService

    Trojan/stealer written in NodeJS and spread via Java downloader.

Processes

  • C:\ProgramData\Oracle\Java\javapath\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\order PC1746006-70320-ACBEL POLYTECH INC.jar"
      PID:500
