Analysis
-
max time kernel
149s -
max time network
40s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
05-02-2022 07:53
General
-
Target
NOTE DE SERVICE.pdf.jar
-
Size
5KB
-
MD5
c38bf06bce2793cd226dfa7eff582482
-
SHA1
08238c708ae4acc85a6c5a1fe452bb8f5dc46c6b
-
SHA256
c968ebe9ec371a611049d8836e1a6bcd3d6791d331604e80b0c65f9e442b8239
-
SHA512
2f76a86a7ae60a5b5564b443e694aff02bec00e9687f9f0a6b73046970314c089a8820d60348b6981f393a5b278c8862cfaafa3539ae7dbd78a4f80bb408b266
Score
10/10
Malware Config
Signatures
-
QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
Processes
-
C:\Windows\system32\java.exejava -jar "C:\Users\Admin\AppData\Local\Temp\NOTE DE SERVICE.pdf.jar"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/836-53-0x000007FEFBE11000-0x000007FEFBE13000-memory.dmpFilesize
8KB
-
memory/836-55-0x0000000001CF0000-0x0000000005130000-memory.dmpFilesize
52.2MB
-
memory/836-56-0x0000000000120000-0x0000000000121000-memory.dmpFilesize
4KB
-
memory/836-58-0x0000000000120000-0x0000000000121000-memory.dmpFilesize
4KB
-
memory/836-59-0x0000000000120000-0x0000000000121000-memory.dmpFilesize
4KB
-
memory/836-60-0x0000000000120000-0x0000000000121000-memory.dmpFilesize
4KB
-
memory/836-66-0x0000000000120000-0x0000000000121000-memory.dmpFilesize
4KB
-
memory/836-99-0x0000000000120000-0x0000000000121000-memory.dmpFilesize
4KB