Analysis
-
max time kernel
151s -
max time network
146s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
05-02-2022 11:15
Static task
static1
Behavioral task
behavioral1
Sample
RFQ20200.jar
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
RFQ20200.jar
Resource
win10v2004-en-20220113
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
RFQ20200.jar
-
Size
5KB
-
MD5
ee4b7cb48f23baf62dfdd8907927138d
-
SHA1
766b0247212f2731ba69721967a98f643ee127f4
-
SHA256
6ff68fff0890426f1baa3465b636323e30d20e42405b4c78f6b36fbf0d6a712f
-
SHA512
b5c162c837f9cb0a00f7b1ca5f94318d44c76bed140c2c89c799c81ccb7a39bebe009c37f7f2d522bbc999cb473b2b01158d858989aa9756ff0513772f563eb1
Score
10/10
Malware Config
Signatures
-
QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1288-54-0x000007FEFB7E1000-0x000007FEFB7E3000-memory.dmpFilesize
8KB
-
memory/1288-56-0x0000000002100000-0x0000000005100000-memory.dmpFilesize
48.0MB
-
memory/1288-57-0x0000000000230000-0x0000000000231000-memory.dmpFilesize
4KB
-
memory/1288-58-0x0000000000230000-0x0000000000231000-memory.dmpFilesize
4KB
-
memory/1288-61-0x0000000000230000-0x0000000000231000-memory.dmpFilesize
4KB