qnodeservice | 18271340763eec905ab512d1e1af9aea61a271f96062e7e62f38938db48f5d4a | Triage

Sharing

General

Target

18271340763eec905ab512d1e1af9aea61a271f96062e7e62f38938db48f5d4a
Size

4KB
Sample

220205-xf6l1aech2
MD5

9137f24022c7cf5bf49e6238298b1195
SHA1

23e23a22889d369d22da273d3168773e7b3dc53e
SHA256

18271340763eec905ab512d1e1af9aea61a271f96062e7e62f38938db48f5d4a
SHA512

b38c3e5c639785d3f923cc4e2fd8399bc17663940a59c759b4047a0823898a9b211ebeb4ce12f3c05ac0b0e7ce1ab464d27f89ee12ac38ddeec54400b50ad0ef

Score

10^/10

qnodeservice trojan

Malware Config

Targets

- Target
  
  invoice 837001.jar
- Size
  
  5KB
- MD5
  
  2290ca0172c7e5d2f4fa99ab4546c569
- SHA1
  
  87a97ef2c7c8b202146b370be396b0f09412ec9f
- SHA256
  
  fbee6ba15c3a034b99b5e92524c7dfb1ee2aad1a0ce4a4f9df87eeb85f9d3e21
- SHA512
  
  4b88d19f62b6a8fdc3857b79eb78531d762f98a619ec41426fcb4ee455e5425ad21898f3b2d07c3289168acdd9643c1dd8f5858db4bf7b341f8b7c519ecf52d6
Score

10^/10

qnodeservice trojan
- QNodeService
  Trojan/stealer written in NodeJS and spread via Java downloader.
  trojan qnodeservice
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

qnodeservicetrojan

behavioral2