Overview

overview

10

Static

static

USD_53080_...AN.jar

windows7_x64

10

USD_53080_...AN.jar

windows10-2004_x64

1

Analysis

  • max time kernel
    151s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    05-02-2022 16:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    USD_53080_MT101_BANK_SCAN.jar

  • Size

    5KB

  • MD5

    66dae49e6a1edf3e74c33a06b4270d4b

  • SHA1

    ed14532d4bbf152369cd39949802c6f773754c0e

  • SHA256

    6f55f6e567ee9df0a823ce1072fbf1e7b5ae4ace2128f8b330394cab4d07d2ab

  • SHA512

    a8ba21d9a23c2cace59ff915f8def5c5c9e7603aeaef76f34981456cfae9f1237a4600e73f5d3ebbf3c45a18701e29e330966e6b276d0443e10a33f124d4a1d9

Score
10/10
qnodeservicetrojan

Malware Config

Signatures

  • QNodeService

    Trojan/stealer written in NodeJS and spread via Java downloader.

    trojanqnodeservice

Processes

  • C:\Windows\system32\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\USD_53080_MT101_BANK_SCAN.jar
    1⤵
      PID:1772

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1772-55-0x000007FEFB5B1000-0x000007FEFB5B3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1772-57-0x0000000001E60000-0x00000000051B0000-memory.dmp
      Filesize

      51.3MB

      Download
    • memory/1772-58-0x0000000000120000-0x0000000000121000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1772-62-0x0000000000120000-0x0000000000121000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1772-85-0x0000000000120000-0x0000000000121000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1772-95-0x0000000000120000-0x0000000000121000-memory.dmp
      Filesize

      4KB

      Download