qnodeservice | 4941926b3a6b027248ec257184b0a0f6128193947288dc313208eed459f19d6a | Triage

Submit
Reports

Overview

overview

Static

static

1

d2350d4df0...18.jar

windows7-x64

1

d2350d4df0...18.jar

windows10-2004-x64

Sharing

General

Target

d2350d4df0cb07cc824d65ef6427f824_JaffaCakes118
Size

320KB
Sample

240907-sej96azaqp
MD5

d2350d4df0cb07cc824d65ef6427f824
SHA1

778386245851563d0c2617beb68dda0beb5697d5
SHA256

4941926b3a6b027248ec257184b0a0f6128193947288dc313208eed459f19d6a
SHA512

59ced958404ee0d37a8dc8571fd1d196df1d13c64a0d9d30ffcd7781dcb6b078ab7418c51610086b8466d9990a371366915de0e3c7a1aca70d4c10bfabc81b7d
SSDEEP

6144:t2VurPJupJ8EnYr3fFYVnOB5XcWV05jxbLsZgeYa1tTayps:JrPkVOfUn65+FL2p/TayK

Score

10^/10

qnodeservice trojan

Static task

static1

Behavioral task

behavioral1

Sample

d2350d4df0cb07cc824d65ef6427f824_JaffaCakes118.jar

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

d2350d4df0cb07cc824d65ef6427f824_JaffaCakes118.jar

Resource

win10v2004-20240802-en

qnodeservice trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  d2350d4df0cb07cc824d65ef6427f824_JaffaCakes118
- Size
  
  320KB
- MD5
  
  d2350d4df0cb07cc824d65ef6427f824
- SHA1
  
  778386245851563d0c2617beb68dda0beb5697d5
- SHA256
  
  4941926b3a6b027248ec257184b0a0f6128193947288dc313208eed459f19d6a
- SHA512
  
  59ced958404ee0d37a8dc8571fd1d196df1d13c64a0d9d30ffcd7781dcb6b078ab7418c51610086b8466d9990a371366915de0e3c7a1aca70d4c10bfabc81b7d
- SSDEEP
  
  6144:t2VurPJupJ8EnYr3fFYVnOB5XcWV05jxbLsZgeYa1tTayps:JrPkVOfUn65+FL2p/TayK
Score

10^/10

qnodeservice trojan
- QNodeService
  Trojan/stealer written in NodeJS and spread via Java downloader.
  trojan qnodeservice
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

qnodeservicetrojan

© 2018-2025

Terms | Privacy