qarallax | 3b7e009a2ca84ce2834f422390a85515b80034e4227c05e7522b274e862c7924 | Triage

Submit
Reports

Overview

overview

Static

static

QAOTATION.jar

windows7_x64

QAOTATION.jar

windows10_x64

Sharing

General

Target

QAOTATION.jar
Size

399KB
Sample

200819-xxtxd8vera
MD5

be666fddf4e70621ec1a8fe19348bbc3
SHA1

132069951f67e7bd94cfce57a137b9f82ead15ad
SHA256

3b7e009a2ca84ce2834f422390a85515b80034e4227c05e7522b274e862c7924
SHA512

0ef5796a8bb0913389fefc4c940bd0200189d1227071e6a5a400c55925ee396722fa6107f91f618c9799e339a231ab43a7189378388f0551e2064d2eb9ff62fb

Score

10^/10

qarallax evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

QAOTATION.jar

Resource

win7v200722

persistence evasion trojan qarallax

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

QAOTATION.jar

Resource

win10v200722

evasion trojan persistence qarallax

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  QAOTATION.jar
- Size
  
  399KB
- MD5
  
  be666fddf4e70621ec1a8fe19348bbc3
- SHA1
  
  132069951f67e7bd94cfce57a137b9f82ead15ad
- SHA256
  
  3b7e009a2ca84ce2834f422390a85515b80034e4227c05e7522b274e862c7924
- SHA512
  
  0ef5796a8bb0913389fefc4c940bd0200189d1227071e6a5a400c55925ee396722fa6107f91f618c9799e339a231ab43a7189378388f0551e2064d2eb9ff62fb
Score

10^/10

persistence evasion trojan qarallax
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- QarallaxRAT
  Qarallax is a RAT developed by Quaverse and sold as RaaS (RAT as a Service).
  trojan qarallax
- Qarallax RAT support DLL
- Sets file execution options in registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Hidden Files and Directories

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistenceevasiontrojanqarallax

behavioral2

evasiontrojanpersistenceqarallax

© 2018-2024

Terms | Privacy