DHL_Nov 2020 at 1.88_8BZ290_JPG.jar

General
Target

DHL_Nov 2020 at 1.88_8BZ290_JPG.jar

Size

82KB

Sample

201117-1jl3f69bjj

Score
10 /10
MD5

c3006afce4ce3352014dcb836243cba7

SHA1

c6d98eed856a46c4fbb25186af4ff85bdb8740b2

SHA256

26b31e15be447333afd80f62a5723b4d8b432819bdfd6b1c07ab1ab437d92e37

SHA512

3d3e9692599203e3d95f2555e1178cbcbf4a34f5735e22a91dcd159b59c19b8494ecb009db116d18f5d3a41e001e6594d8ed5e6f6df636ea2561cc8893e02f87

Malware Config
Targets
Target

DHL_Nov 2020 at 1.88_8BZ290_JPG.jar

MD5

c3006afce4ce3352014dcb836243cba7

Filesize

82KB

Score
10/10
SHA1

c6d98eed856a46c4fbb25186af4ff85bdb8740b2

SHA256

26b31e15be447333afd80f62a5723b4d8b432819bdfd6b1c07ab1ab437d92e37

SHA512

3d3e9692599203e3d95f2555e1178cbcbf4a34f5735e22a91dcd159b59c19b8494ecb009db116d18f5d3a41e001e6594d8ed5e6f6df636ea2561cc8893e02f87

Tags

Signatures

  • QNodeService

    Description

    Trojan/stealer written in NodeJS and spread via Java downloader.

    Tags

  • Executes dropped EXE

  • JavaScript code in executable

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          behavioral1

                          1/10

                          behavioral2

                          10/10