Analysis

  • max time kernel
    151s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    09-11-2020 19:29

General

  • Target

    invoice copy.jar

  • Size

    7KB

  • MD5

    6d252a0247bd2118467560813fc198c4

  • SHA1

    aea0c33c6f442ee42aa087080955c1a9649fe9ff

  • SHA256

    5232633d3b6233fcecd2941c793aea06a6a4c637a83d826383e2ac92383b5a00

  • SHA512

    f12d8c58550904f287816f79ccc136782dc87162bf2084f9e42ca1a89448f221cb6de22d2ee9f1f49d637438c55163b7a0aa11cc6b865a36e64f10c4bb763999

Score
10/10

Malware Config

Signatures

  • QNodeService

    Trojan/stealer written in NodeJS and spread via Java downloader.

Processes

  • C:\Windows\system32\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\invoice copy.jar"
      PID:1980
