qnodeservice | e99cba9a1ff350f74dd3a7795dee0a9a92135deba5d40a8bae1069d3cee4fe15 | Triage

Submit
Reports

Overview

overview

Static

static

DX2500NH.jar

windows7_x64

DX2500NH.jar

windows10_x64

Analysis

max time kernel
149s
max time network
15s
platform
windows7_x64
resource
win7v20201028
submitted
09-11-2020 19:55

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

DX2500NH.jar

Resource

win7v20201028

qnodeservice trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DX2500NH.jar

Resource

win10v20201028

qnodeservice trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

DX2500NH.jar
Size

5KB
MD5

d546e7a67f46794b5d1fc073a1219879
SHA1

3ac07b2d9e183af6dd10ed4330337e7650566f80
SHA256

e99cba9a1ff350f74dd3a7795dee0a9a92135deba5d40a8bae1069d3cee4fe15
SHA512

2bf2a1ba9de1d1e06b741d03ba0fbc0826cb3b91955ff96773740ba09365c40f72065ebc6f9f9f5f54ffbcd95fd5b80ca17e73aca8a986ac6793eda08ba9d085

Score

10^/10

qnodeservice trojan

Malware Config

Signatures

QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
trojan qnodeservice

Processes

C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\DX2500NH.jar
1⤵
PID:1644

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy