SYMBOLCOMMON_NAMEaka. SYNONYMS
js.qnodeservice (Back to overview)

QNodeService


According to Trend Micro, this is a Node.js based malware, that can download/upload/execute files, steal credentials from Chrome/Firefox browsers, and perform file management, among other things. It targets Windows and has components for both 32 and 64bit.

References
2020-05-14Trend MicroMatthew Stewart
@online{stewart:20200514:qnodeservice:603306e, author = {Matthew Stewart}, title = {{QNodeService: Node.js Trojan Spread via Covid-19 Lure}}, date = {2020-05-14}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/qnodeservice-node-js-trojan-spread-via-covid-19-lure/}, language = {English}, urldate = {2020-05-18} } QNodeService: Node.js Trojan Spread via Covid-19 Lure
QNodeService

There is no Yara-Signature yet.