Payment 05-19-20.jar

General
Target

Payment 05-19-20.jar

Filesize

5KB

Completed

10-11-2020 02:51

Score
10/10
MD5

38f5e145127f2eaee9bf40b8aea0ad1e

SHA1

b4937acde80a3e1c5a11fa4cbc144c9d0b7c19ad

SHA256

fb9cdab9be2ae4f77ea8fa002e372aa0f2bd5ecf2a05ccff3877f074a849f355

Malware Config
Signatures 1

Filter: none

  • QNodeService

    Description

    Trojan/stealer written in NodeJS and spread via Java downloader.

Processes 1
  • C:\Windows\system32\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\Payment 05-19-20.jar"
    PID:1032
Network
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Replay Monitor
                          00:00 00:00
                          Downloads