Analysis

  • max time kernel
    150s
  • max time network
    140s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    09-11-2020 19:30

General

  • Target

    BL draft COSU6258421850.jar

  • Size

    7KB

  • MD5

    9c50fcc522f6b5677101a586b544cbcb

  • SHA1

    0e86f26c5e953bf157c9bf92efe138f80f5d84a1

  • SHA256

    77017176722b8d9a8dbf40488df920bed1d7fda8e1c78f695e649e786bea0728

  • SHA512

    e458019d8b9b4719f3f9f74332fcd2524f9713cce8c476fd106836e6a3a6ef1de0feeaa7275c35c7fe426c5a9bd8a3a0385ab6784d8b5204b295038984791574

Score
10/10

Malware Config

Signatures

  • QNodeService

    Trojan/stealer written in NodeJS and spread via Java downloader.

Processes

  • C:\ProgramData\Oracle\Java\javapath\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\BL draft COSU6258421850.jar"
      PID:580
