SYMBOLCOMMON_NAMEaka. SYNONYMS
js.qnodeservice (Back to overview)

QNodeService


According to Trend Micro, this is a Node.js based malware, that can download/upload/execute files, steal credentials from Chrome/Firefox browsers, and perform file management, among other things. It targets Windows and has components for both 32 and 64bit.

References
2020-11-19TelsyTelsy Research Team
QNodeService stepped up its features while operated in widespread credential-theft campaigns
QNodeService
2020-05-14Trend MicroMatthew Stewart
QNodeService: Node.js Trojan Spread via Covid-19 Lure
QNodeService

There is no Yara-Signature yet.