General

  • Target

    f4.jar

  • Size

    57KB

  • Sample

    201208-frbcdhhcdn

  • MD5

    ae77d6c4c46bbfdaa23c9238d12dcd98

  • SHA1

    4a5e4e0e0e7957a6b78a827bcd2d13f37afa713d

  • SHA256

    b91195dd162317cf8064a5c6479eb676936d32aca3c0262533a6a143fe0e28d1

  • SHA512

    64dc178003a04a44a3887e136749a2e46e455ca343373d92e8087454cba8c462bdbd04e40164d315bf283174293104d759fc2d38fff4232579d760d9a3f1d114

Malware Config

Targets

    • Target

      f4.jar

    • QNodeService

      Trojan/stealer written in NodeJS and spread via Java downloader.

    • Executes dropped EXE

    • Adds Run key to start application

    • JavaScript code in executable

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks
