General

  • Target

    9ff5f712e3f60b1722c1c1d93af310a8e33cf98e687c74797314425d096293ca

  • Size

    5KB

  • Sample

    220205-pc3ryabden

  • MD5

    b082f98cb117c45d3f737254568a3be5

  • SHA1

    b9a052802fd0aa183fc0cb3f0a7ac438da54f4fa

  • SHA256

    9ff5f712e3f60b1722c1c1d93af310a8e33cf98e687c74797314425d096293ca

  • SHA512

    b873a1d280c74f93b7b48fa2226686d4fdfba09f360ec4e3f00d45232a18ce15db57bc480cb960ba21ee532ecf14addfd4e2331d74588ad558265581f35a8d3a

Score
10/10

Malware Config

Targets

    • Target

      9ff5f712e3f60b1722c1c1d93af310a8e33cf98e687c74797314425d096293ca

    • QNodeService

      Trojan/stealer written in NodeJS and spread via Java downloader.

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Discovery

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation

Tasks