qnodeservice | 18f86e8663d883b3df3cfd8c62f932a4ae38c7933f892008e1eb800b859f08b4 | Triage

Submit
Reports

Overview

overview

Static

static

RFQ19720006.jar

windows7_x64

RFQ19720006.jar

windows10_x64

Analysis

max time kernel
149s
max time network
143s
platform
windows10_x64
resource
win10v20201028
submitted
09-11-2020 19:37

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

RFQ19720006.jar

Resource

win7v20201028

qnodeservice trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RFQ19720006.jar

Resource

win10v20201028

qnodeservice trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

RFQ19720006.jar
Size

7KB
MD5

0a1ee977d587cd29b7a74546322569b3
SHA1

06e7d3774fd04cf1dc225a89a973a86bae8a0654
SHA256

18f86e8663d883b3df3cfd8c62f932a4ae38c7933f892008e1eb800b859f08b4
SHA512

21d25b245c4b59d9162e9243354f4cbe5f7e9fdc4a7e392514b34b2b8df4bfd23e87e141dfac74d5272d40075bcff0a33c6f1ccd41b533dff26eb64008330ff3

Score

10^/10

qnodeservice trojan

Malware Config

Signatures

QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
trojan qnodeservice

Processes

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\RFQ19720006.jar
1⤵
PID:1160

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy