Analysis

  • max time kernel
    150s
  • max time network
    79s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    09-11-2020 19:29

General

  • Target

    qnode (2).jar

  • Size

    7KB

  • MD5

    a7f9a7e69f17f4f41fbd3c53483b4bde

  • SHA1

    076e74027afcfc60153dc9d9b4533a1af2ecbd82

  • SHA256

    4405f3a9ef80b0de143be40c7946d6624e30b6f57f900a49227a9568dee8c297

  • SHA512

    6e9cd7570287d935b93dd451e90314517e812a01b245b5d2ed498d9356db744c9018843ddc4a390428f55b011cdee32058362947ed2d07d31245f49341a1e90f

Score
10/10

Malware Config

Signatures

  • QNodeService

    Trojan/stealer written in NodeJS and spread via Java downloader.

Processes

  • C:\Windows\system32\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\qnode (2).jar"
      PID:1080
