qnodeservice | fb9cdab9be2ae4f77ea8fa002e372aa0f2bd5ecf2a05ccff3877f074a849f355 | Triage

Submit
Reports

Overview

overview

Static

static

Payment 05-19-20.jar

windows7_x64

Payment 05-19-20.jar

windows10_x64

Analysis

max time kernel
150s
max time network
16s
platform
windows7_x64
resource
win7v20201028
submitted
09-11-2020 19:54

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Payment 05-19-20.jar

Resource

win7v20201028

qnodeservice trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Payment 05-19-20.jar

Resource

win10v20201028

qnodeservice trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

Payment 05-19-20.jar
Size

5KB
MD5

38f5e145127f2eaee9bf40b8aea0ad1e
SHA1

b4937acde80a3e1c5a11fa4cbc144c9d0b7c19ad
SHA256

fb9cdab9be2ae4f77ea8fa002e372aa0f2bd5ecf2a05ccff3877f074a849f355
SHA512

426d35fa6db4623e4906fffb77c9dda2c2d893dfa6010ed5dcfd6507f4e13a32de0e17ac06f166ae817f8c91f003429b264f8879cc9c13e3ba71f569bf613f91

Score

10^/10

qnodeservice trojan

Malware Config

Signatures

QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
trojan qnodeservice

Processes

C:\Windows\system32\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\Payment 05-19-20.jar"
1⤵
PID:1032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy