Overview

overview

10

Static

static

BANK-SWIFT...GE.jar

windows7_x64

10

BANK-SWIFT...GE.jar

windows10-2004_x64

1

Analysis

  • max time kernel
    150s
  • max time network
    56s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    05-02-2022 14:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BANK-SWIFT RETURNE ERROR MESSAGE.jar

  • Size

    5KB

  • MD5

    cb0c25a22d3220c9a27c81689454c30f

  • SHA1

    5830a1d928f4c60ecdbeeba79b775a7f5f4c8a1a

  • SHA256

    87a79399819d19575d58fad00b424a3d996b7d2f85aa1233d65cfa8e6065100c

  • SHA512

    e584e1bfec3ccfeaef616265f88b04d563016495c1b23dca5b9dc15ce9813e635609e44b0e6d254c2252ca65246494531294417485e0a52ab2c01663f6bfb44b

Score
10/10
qnodeservicetrojan

Malware Config

Signatures

  • QNodeService

    Trojan/stealer written in NodeJS and spread via Java downloader.

    trojanqnodeservice

Processes

  • C:\Windows\system32\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\BANK-SWIFT RETURNE ERROR MESSAGE.jar"
    1⤵
      PID:2028

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2028-54-0x000007FEFB531000-0x000007FEFB533000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2028-56-0x0000000002260000-0x0000000005260000-memory.dmp
      Filesize

      48.0MB

      Download
    • memory/2028-57-0x0000000000330000-0x0000000000331000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2028-59-0x0000000000330000-0x0000000000331000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2028-72-0x0000000000330000-0x0000000000331000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2028-84-0x0000000000330000-0x0000000000331000-memory.dmp
      Filesize

      4KB

      Download