Analysis

  • max time kernel
    150s
  • max time network
    12s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    09-11-2020 19:28

General

  • Target

    OV002458.pdf.jar

  • Size

    5KB

  • MD5

    3490a955e550ec8f8bd1d5a848f91c66

  • SHA1

    58c058f76480474ef6901375be70ffd0824243f5

  • SHA256

    06fd5c51bca2b705184009a1ebe43cf7a5f238bbc68a464259523a824073fe90

  • SHA512

    a43bd640e139011bd7dface7f08a95af4111150601ebfde771a1ffef674d91d6071cccefaf32046966eb884785ae3e7e557bb4ed2cfc6cdf742fd633b7ab0d5e

Score
10/10

Malware Config

Signatures

  • QNodeService

    Trojan/stealer written in NodeJS and spread via Java downloader.

Processes

  • C:\Windows\system32\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\OV002458.pdf.jar
    1⤵
      PID:288

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads