qnodeservice | 18271340763eec905ab512d1e1af9aea61a271f96062e7e62f38938db48f5d4a | Triage

Sharing

General

Target

18271340763eec905ab512d1e1af9aea61a271f96062e7e62f38938db48f5d4a
Size

4KB
Sample

220205-xf6l1aech2
MD5

9137f24022c7cf5bf49e6238298b1195
SHA1

23e23a22889d369d22da273d3168773e7b3dc53e
SHA256

18271340763eec905ab512d1e1af9aea61a271f96062e7e62f38938db48f5d4a
SHA512

b38c3e5c639785d3f923cc4e2fd8399bc17663940a59c759b4047a0823898a9b211ebeb4ce12f3c05ac0b0e7ce1ab464d27f89ee12ac38ddeec54400b50ad0ef

Score

10^/10

qnodeservice trojan

Malware Config

Targets

- Target
  
  invoice 837001.jar
- Size
  
  5KB
- MD5
  
  2290ca0172c7e5d2f4fa99ab4546c569
- SHA1
  
  87a97ef2c7c8b202146b370be396b0f09412ec9f
- SHA256
  
  fbee6ba15c3a034b99b5e92524c7dfb1ee2aad1a0ce4a4f9df87eeb85f9d3e21
- SHA512
  
  4b88d19f62b6a8fdc3857b79eb78531d762f98a619ec41426fcb4ee455e5425ad21898f3b2d07c3289168acdd9643c1dd8f5858db4bf7b341f8b7c519ecf52d6
Score

10^/10

qnodeservice trojan
- QNodeService
  Trojan/stealer written in NodeJS and spread via Java downloader.
  trojan qnodeservice
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

qnodeservicetrojan

behavioral2