qnodeservice | 945c7ca113a19badb59de5b902131859e4632114f356bdc273b1ed8dbdc14a37 | Triage

Submit
Reports

Overview

overview

Static

static

Payment copy.jar

windows7_x64

Payment copy.jar

windows10_x64

Analysis

max time kernel
150s
max time network
136s
platform
windows7_x64
resource
win7v20201028
submitted
09-11-2020 19:29

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Payment copy.jar

Resource

win7v20201028

qnodeservice trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Payment copy.jar

Resource

win10v20201028

qnodeservice trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

Payment copy.jar
Size

7KB
MD5

f363037a5de2ac153432db74d1e77854
SHA1

c3c9340c87cabca216c6866195a3d35a8a79ccde
SHA256

945c7ca113a19badb59de5b902131859e4632114f356bdc273b1ed8dbdc14a37
SHA512

55b06ac86d2b1021ba2c30a84e50d242e30c0c6d6335abcd2218ca74d7087aca57d101d68eafa48e60fb894e776c819a018fc5a2f8cd5604a669de6efb8e5476

Score

10^/10

qnodeservice trojan

Malware Config

Signatures

QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
trojan qnodeservice

Processes

C:\Windows\system32\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\Payment copy.jar"
1⤵
PID:1944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy