Analysis

  • max time kernel
    149s
  • max time network
    143s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    09-11-2020 19:54

General

  • Target

    Purchase Order_ 172833_O_393.jar

  • Size

    5KB

  • MD5

    bfa124521374ebcc77807c2531b1260a

  • SHA1

    43a7bcffc95ee3834ef4ab3e2fc9189972671fd9

  • SHA256

    202080e727b4d21764023115b9f2c5e0b60656bcc57362daa80933754466620b

  • SHA512

    6e6bff5e0e61021e6b614b870c18b967bd55512370141b37333918e605f5c6b025fa7e746e331996fa2f4ceaeb8e6c99e9244d33e19197a40c5c30321e42adcc

Score
10/10

Malware Config

Signatures

  • QNodeService

    Trojan/stealer written in NodeJS and spread via Java downloader.

Processes

  • C:\ProgramData\Oracle\Java\javapath\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\Purchase Order_ 172833_O_393.jar"
    1⤵
      PID:3636

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads