Overview

overview

10

Static

static

Payment Co...on.jar

windows7_x64

10

Payment Co...on.jar

windows10_x64

10

Analysis

  • max time kernel
    151s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    09-11-2020 19:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payment Confirmation.jar

  • Size

    100KB

  • MD5

    bcaa3de9152dfbc095f37bb67853770e

  • SHA1

    6c6fda231bbc79f6730b4e4ad2cf21b29d0d9e15

  • SHA256

    20629897fd36f8cdb5321d1c58b8acb62fa29c54c0e22b1d2e9e6bef807f7e4d

  • SHA512

    b6025ecc196a6930157ae6ae8aac5109b54ec404a3af96aa6652cce9858e30f7513769fdef5084082ad9dd5710563443c21d01988d5de2cda5583ebd8c341025

Score
10/10
qnodeservicetrojan

Malware Config

Signatures

  • QNodeService

    Trojan/stealer written in NodeJS and spread via Java downloader.

    trojanqnodeservice
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\Payment Confirmation.jar"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads