qnodeservice | d7b3a26564a7d3232604da3dec930c10a3f777e5cbfc8d47a1ea8e55c6f2164d | Triage

Submit
Reports

Overview

overview

Static

static

380000_USD...20.jar

windows7_x64

1

380000_USD...20.jar

windows10_x64

Sharing

General

Target

380000_USD_INV_011740_NOV_2020.jar.zip
Size

54KB
Sample

201125-dw48gxpkfe
MD5

31c1ebc2b790c89d7cf93ab87f375718
SHA1

fc6b19ae8dcb24691669a8e364b8adeb785369aa
SHA256

d7b3a26564a7d3232604da3dec930c10a3f777e5cbfc8d47a1ea8e55c6f2164d
SHA512

dbc9663145be7a733df4bb99700bbb70894d0853d5ed3d1362d0e3e32a144c3e5ce4df0e3c6d9a2871ea7853316099e75740a53913ea9b207d616fb26bc0635f

Score

10^/10

qnodeservice trojan

Static task

static1

Behavioral task

behavioral1

Sample

380000_USD_INV_011740_NOV_2020.jar

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

380000_USD_INV_011740_NOV_2020.jar

Resource

win10v20201028

qnodeservice trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  380000_USD_INV_011740_NOV_2020.jar
- Size
  
  64KB
- MD5
  
  aa4cc34e07330dac5e26c7e48bc469fd
- SHA1
  
  8810ae3a071b894f76bbbd8bb8cec2832eee0362
- SHA256
  
  6d3f7620b05ce217ff5db72d4af251801a16b4c86b7a2caa79dbe4431c5e0289
- SHA512
  
  9f98db768d103b940d23ecaa92a750c567f19b3198cbbc16d50d8a0d7c858355e42fddcace4fd1ed7f8b9d5c72c334429cb0e7e8b832562b31c602a566898f20
Score

10^/10

qnodeservice trojan
- QNodeService
  Trojan/stealer written in NodeJS and spread via Java downloader.
  trojan qnodeservice
- Executes dropped EXE
- JavaScript code in executable
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

qnodeservicetrojan

© 2018-2024

Terms | Privacy