qnodeservice | f89d1bdd0d0fee43aa0e927e65283f524793aef151e857ac552191afb9694885 | Triage

Submit
Reports

Overview

overview

Static

static

CONFIRMATI...03.jar

windows7_x64

CONFIRMATI...03.jar

windows10_x64

Analysis

max time kernel
151s
max time network
17s
platform
windows7_x64
resource
win7v20201028
submitted
09-11-2020 19:48

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

CONFIRMATIONSWIFT MT103.jar

Resource

win7v20201028

qnodeservice trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

CONFIRMATIONSWIFT MT103.jar

Resource

win10v20201028

qnodeservice trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

CONFIRMATIONSWIFT MT103.jar
Size

5KB
MD5

21f6239b668e87e32542c6ee0a95db06
SHA1

a6b0f7364d3cab58174effcfb137b190d3612160
SHA256

f89d1bdd0d0fee43aa0e927e65283f524793aef151e857ac552191afb9694885
SHA512

2b4b6d4778525a321bf0b5279c4182528b2cfc5617d3561a0a3d0c01e533235cf870795cc60c777df67e35b79af5cafe2c15022f71f0058798543bb7c5c69910

Score

10^/10

qnodeservice trojan

Malware Config

Signatures

QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
trojan qnodeservice

Processes

C:\Windows\system32\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\CONFIRMATIONSWIFT MT103.jar"
1⤵
PID:596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy