380000_USD_INV_011740_NOV_2020.jar.zip

General
Target

380000_USD_INV_011740_NOV_2020.jar.zip

Size

54KB

Sample

201125-dw48gxpkfe

Score

10/10

MD5

31c1ebc2b790c89d7cf93ab87f375718

SHA1

fc6b19ae8dcb24691669a8e364b8adeb785369aa

SHA256

d7b3a26564a7d3232604da3dec930c10a3f777e5cbfc8d47a1ea8e55c6f2164d

SHA512

dbc9663145be7a733df4bb99700bbb70894d0853d5ed3d1362d0e3e32a144c3e5ce4df0e3c6d9a2871ea7853316099e75740a53913ea9b207d616fb26bc0635f

Malware Config
Targets
Target

380000_USD_INV_011740_NOV_2020.jar

MD5

aa4cc34e07330dac5e26c7e48bc469fd

Filesize

64KB

Score

10/10

SHA1

8810ae3a071b894f76bbbd8bb8cec2832eee0362

SHA256

6d3f7620b05ce217ff5db72d4af251801a16b4c86b7a2caa79dbe4431c5e0289

SHA512

9f98db768d103b940d23ecaa92a750c567f19b3198cbbc16d50d8a0d7c858355e42fddcace4fd1ed7f8b9d5c72c334429cb0e7e8b832562b31c602a566898f20

Signatures

  • QNodeService

    Description

    Trojan/stealer written in NodeJS and spread via Java downloader.

  • Executes dropped EXE

  • JavaScript code in executable

MITRE ATT&CK Matrix
Collection | Command and Control | Credential Access | Defense Evasion | Discovery | Execution | Exfiltration | Impact | Initial Access | Lateral Movement | Persistence | Privilege Escalation

Tasks

  • static1

  • behavioral1: 1/10

  • behavioral2: 10/10