Analysis
-
max time kernel
151s -
max time network
142s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
05-02-2022 15:52
General
-
Target
5210afa4567b98fb3f8aee513206b5fd466d3afe01dd576a2bee4a623f2cdae2.jar
-
Size
5KB
-
MD5
1159c8fa61d9bf42b67dfe721c73843d
-
SHA1
ccd1312f6a444492301674d7cf2a45995dd86e0b
-
SHA256
5210afa4567b98fb3f8aee513206b5fd466d3afe01dd576a2bee4a623f2cdae2
-
SHA512
693ddc434d47ad594b36771b6b410e71cae4d45f57b7475db1ba657ae0b77a60159963ca65135bf730e54b687accff6caf4622bbbad8a0895e545c4b500c33c2
Score
10/10
Malware Config
Signatures
-
QNodeService
Trojan/stealer written in NodeJS and spread via Java downloader.
Processes
-
C:\Windows\system32\java.exejava -jar C:\Users\Admin\AppData\Local\Temp\5210afa4567b98fb3f8aee513206b5fd466d3afe01dd576a2bee4a623f2cdae2.jar1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/756-55-0x000007FEFB781000-0x000007FEFB783000-memory.dmpFilesize
8KB
-
memory/756-57-0x0000000002070000-0x0000000005070000-memory.dmpFilesize
48.0MB
-
memory/756-58-0x0000000000220000-0x0000000000221000-memory.dmpFilesize
4KB
-
memory/756-61-0x0000000000220000-0x0000000000221000-memory.dmpFilesize
4KB
-
memory/756-85-0x0000000000220000-0x0000000000221000-memory.dmpFilesize
4KB
-
memory/756-88-0x0000000000220000-0x0000000000221000-memory.dmpFilesize
4KB
-
memory/756-97-0x0000000000220000-0x0000000000221000-memory.dmpFilesize
4KB
-
memory/756-100-0x0000000000220000-0x0000000000221000-memory.dmpFilesize
4KB
-
memory/756-107-0x0000000000220000-0x0000000000221000-memory.dmpFilesize
4KB