General
-
Target
QZK RAT Free.zip
-
Size
135.8MB
-
Sample
230416-rj2vbsca6z
-
MD5
137b00100757794f85bfd997700ee1e8
-
SHA1
0d558b31fbe2e90babd7cdd4058d53ec66fa60de
-
SHA256
5690987418e7898137bb9f8e706d3ff8f196b1dc612be983012524235f64f6af
-
SHA512
f7283e2e1cdbff26e4c2ecca2f990c72d0703412472cccf0212c81bbf9a0979ee2e3ac6c55f1324cbab98b27392776f49319e6bbc84d7784138d89f29353bb8e
-
SSDEEP
3145728:AgC3YNSUW9fG+SbOeuzqHc3C6JDnnTj/Xi8BiVsspOMZ0kr+tQzapQG8KAt086UD:AgCasqOeLc3C6JbP/XiTo3krnglgD
Behavioral task
behavioral1
Sample
QZK RAT Free/Bug Fixer.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral2
Sample
QZK RAT Free/Bug Fixer.dll.xml
Resource
win10v2004-20230221-en
Behavioral task
behavioral3
Sample
QZK RAT Free/ConversionWrapper.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral4
Sample
QZK RAT Free/EPPlus.Interfaces.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral5
Sample
QZK RAT Free/EPPlus.System.Drawing.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral6
Sample
QZK RAT Free/EPPlus.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral7
Sample
QZK RAT Free/FastColoredTextBox.dll
Resource
win10v2004-20230221-en
Behavioral task
behavioral8
Sample
QZK RAT Free/Fixer.bat
Resource
win10v2004-20230220-en
Behavioral task
behavioral9
Sample
QZK RAT Free/FontAwesome.Sharp.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral10
Sample
QZK RAT Free/GMap.NET.Core.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral11
Sample
QZK RAT Free/GMap.NET.WindowsForms.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral12
Sample
QZK RAT Free/Guna.UI.dll
Resource
win10v2004-20230221-en
Behavioral task
behavioral13
Sample
QZK RAT Free/Guna.UI2.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral14
Sample
QZK RAT Free/ICSharpCode.NRefactory.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral15
Sample
QZK RAT Free/ICSharpCode.SharpRefactory.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral16
Sample
QZK RAT Free/ICSharpCode.SharpRefactoryVB.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral17
Sample
QZK RAT Free/IconExtractor.dll
Resource
win10v2004-20230221-en
Behavioral task
behavioral18
Sample
QZK RAT Free/Microsoft.IO.RecyclableMemoryStream.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral19
Sample
QZK RAT Free/NAudio.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral20
Sample
QZK RAT Free/Plugins/7zip.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral21
Sample
QZK RAT Free/Plugins/ACTWindows.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral22
Sample
QZK RAT Free/Plugins/All-In-One.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral23
Sample
QZK RAT Free/Plugins/AskUAC.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral24
Sample
QZK RAT Free/Plugins/BlankScreen.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral25
Sample
QZK RAT Free/Plugins/Bookmarks.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral26
Sample
QZK RAT Free/Plugins/Chat.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral27
Sample
QZK RAT Free/Plugins/Chromium.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral28
Sample
QZK RAT Free/QZK RAT.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral29
Sample
QZK RAT Free/System.Numerics.Vectors.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral30
Sample
QZK RAT Free/System.Runtime.CompilerServices.Unsafe.dll
Resource
win10v2004-20230221-en
Behavioral task
behavioral31
Sample
QZK RAT Free/dnlib.dll
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
QZK RAT Free/Bug Fixer.dll
-
Size
122.2MB
-
MD5
a54e1b46fb8f24ab0f8ee2528098b1b5
-
SHA1
f110a574dbff2b59721d6d526c5640733d6fd094
-
SHA256
4d1b3e552e4b4a455803c6143490aab97d572bf5376cb9c2cb140bf56c58bb95
-
SHA512
3e73690767d589ba3d97fcda8d7e1892ddc7b2ff2cc00f52241e50c958b2d3f83d8e5450d201980c64147b90f516255b4932912e241afd82a83bf70c494c1081
-
SSDEEP
3145728:VhgY/ofQVcj0/kYp09gG3croHnbfTKGu7SLtJB:VhgYQckYqb3GibfeWr
-
Score
1/10
-
-
Target
QZK RAT Free/Bug Fixer.dll.config
-
Size
161B
-
MD5
c16b0746faa39818049fe38709a82c62
-
SHA1
3fa322fe6ed724b1bc4fd52795428a36b7b8c131
-
SHA256
d61bde901e7189cc97d45a1d4c4aa39d4c4de2b68419773ec774338506d659ad
-
SHA512
cbcba899a067f8dc32cfcbd1779a6982d25955de91e1e02cee8eaf684a01b0dee3642c2a954903720ff6086de5a082147209868c03665c89f814c6219be2df7c
-
Score
1/10
-
-
Target
QZK RAT Free/ConversionWrapper.dll
-
Size
15KB
-
MD5
53c98fc84721d640c568721a06bfa9d0
-
SHA1
5d40974f80cda617c0fdc6f50a45117a5e3f1552
-
SHA256
38e9594b37f6382202ffd3f553c29fee47b725edc6f619c7dfe5fb0941e43a30
-
SHA512
0e673b4e0f311e84e82cc58e8d41db6dc496a25d0133293939f81de9fa23beecd5f9d4bb6b704c95976bee38e6c9a9c616acf79406ad5da62dcdb9f0cfd1febf
-
SSDEEP
384:TxzJ6m1jAQ3qrZB7liM+VqrFcwad+LRp6BPkI:N0/vlitocB/f
-
Score
1/10
-
-
Target
QZK RAT Free/EPPlus.Interfaces.dll
-
Size
6KB
-
MD5
03b939b9cfdc81001dc493193d093124
-
SHA1
363377689b490414552253b918ff3c674210a4d2
-
SHA256
ff96bf2475e44f10647f8641bbac12aaf686ff6060080651923ba57bb80c57c0
-
SHA512
0fac5725adc72fcdc6293d8a56c0dd188512b61f6aa4b5fbb91c251e70c357af9b055b0aaeb4612389aa84714f3516defcc85fd608ccae9f9b5e148a8537aa1c
-
SSDEEP
96:9Br+hUJ5C63EhOoK3zriBRUQbceerdIgJPRolfOR:7FJ5CNhwGq8
-
Score
1/10
-
-
Target
QZK RAT Free/EPPlus.System.Drawing.dll
-
Size
7KB
-
MD5
807d52b8f0d61ae00ffbbff66d31f957
-
SHA1
c33f6123c0c0cf2d07db1538f4e1f75e10519c37
-
SHA256
875137c5b89fb678a5bb78dfe90becc2366750beb44bb98a6990db48ef79cabc
-
SHA512
2cdfb30c3b5483035d9b092c7fa3fac41bf1fa9a843859b4ad3aa94eb517b448016a54eb02df019ac1f27838db84c8b497eeadfe2e14bf3a55451c8c29ef8093
-
SSDEEP
96:NzbnPZsqaaNFCT5j9LpHY0hl0QFRZSp63A5QBHJ+w6F+P2k1Id9TmNKMVQaazj:xv4LJZhl9tmQBN6k1I7mNKM2
-
Score
1/10
-
-
Target
QZK RAT Free/EPPlus.dll
-
Size
3.1MB
-
MD5
ff4ecff3d9db54f69464be08632dba4d
-
SHA1
3097bb8ce6ecefa035a35ff3f54f94e917c6ddc6
-
SHA256
3fa2e9f82ee68f9e43bf756f4c75d5a3299fdb29c9229aa185db981366513762
-
SHA512
bc7d579f10286835cdf263329f74ab2ae2c525266487dc12745f5700400a14fb5d6152ddf8baf580f9174b27e92e6fc9922352bfb5d58bd01743697fe4606d98
-
SSDEEP
49152:klZKMN3mIT7i+805hcgyY6aZXNlqO/E8tOFH7tWpWCmvW:/OzNsSmv
-
Score
1/10
-
-
Target
QZK RAT Free/FastColoredTextBox.dll
-
Size
325KB
-
MD5
adac0cee5cc4de7d4046ae1243e41bf0
-
SHA1
c8d6d92f0dbee64d0f4c0930f0d2699a8253e891
-
SHA256
68d0e444c0b27552d2cb86501dcb7db3fd64b82d966e9708db0408ec1ba38c79
-
SHA512
1d7af604540532a4121850760b1e401bb6356e59503c26f3d1fa358a105b7d88362c92f78aa4394095b165f06c484b8c2d2ed640380e85ef9b3eb087d3e7c869
-
SSDEEP
6144:CbgkJe4jG4m3oCCClXA34Wm5pVg/IWTKZCQOsqJLDd5eNqwDl1HD5:CbgEGv3oCCQAohVgSLmeNfD
-
Score
1/10
-
-
Target
QZK RAT Free/Fixer.bat
-
Size
126B
-
MD5
d8aa2c83d328b4a8b7a1eca66d30834e
-
SHA1
d259afa241dd916d51da96c412eb4bdf13ee05b8
-
SHA256
8de3eb12c61b83853d25f88233f7d9498a3e5c3c0c0a6289f2e7d2acfcc9a442
-
SHA512
934adbdc9dc0ec5e56e214e504459275cbb544c1547550e8c9707271bece5a7c3c5062185be990478f2c204e304663871b7c1fc873a24c9c458fccf04fdb79b9
-
Score
1/10
-
-
Target
QZK RAT Free/FontAwesome.Sharp.dll
-
Size
727KB
-
MD5
af7ea96479d85d6e858d27eadea10c49
-
SHA1
fc4dabf14bb0b61c3701815c8824347803af7877
-
SHA256
d7667c2d702e99eb009eaf917eaf177e855907ec5f10ee200eca7a57e6116722
-
SHA512
afcda3a046c5ace2d0c6c9ca97bf72267434a046b886baf36412cd4e7afaad992b02074aee4f4e72cfd3af4d59e267b9f6fe5e8c059a745990a9463cd9f74921
-
SSDEEP
12288:/mSRD6HQda9iky5eQXZ13KR8urDS9DukunSU8av+IL8:/lsQda9iky116R8urDS1I8av+I
-
Score
1/10
-
-
Target
QZK RAT Free/GMap.NET.Core.dll
-
Size
2.9MB
-
MD5
819352ea9e832d24fc4cebb2757a462b
-
SHA1
aba7e1b29bdcd0c5a307087b55c2ec0c7ca81f11
-
SHA256
58c755fcfc65cddea561023d736e8991f0ad69da5e1378dea59e98c5db901b86
-
SHA512
6a5b0e1553616ea29ec72c12072ae05bdd709468a173e8adbdfe391b072c001ecacb3dd879845f8d599c6152eca2530cdaa2c069b1f94294f778158eaaebe45a
-
SSDEEP
49152:ot12Gb/hz7ZsK9qY5uyUW57VC4IB1+fXhQ1hyCzMw/22fSg7gjxhUE/nbTC0xemh:oLbteKb57W1+PhQ1HM1gmJ/SZmh
-
Score
1/10
-
-
Target
QZK RAT Free/GMap.NET.WindowsForms.dll
-
Size
147KB
-
MD5
32a8742009ffdfd68b46fe8fd4794386
-
SHA1
de18190d77ae094b03d357abfa4a465058cd54e3
-
SHA256
741e1a8f05863856a25d101bd35bf97cba0b637f0c04ecb432c1d85a78ef1365
-
SHA512
22418d5e887a6022abe8a7cbb0b6917a7478d468d211eecd03a95b8fb6452fc59db5178573e25d5d449968ead26bb0b2bfbfada7043c9a7a1796baca5235a82b
-
SSDEEP
3072:k1GmgYqIY/0YSDBRGlDUqL63budipxj64m8HWYh3vHbFwMhLJSb+:lIO6rGloqL63qW62lJ
-
Score
1/10
-
-
Target
QZK RAT Free/Guna.UI.dll
-
Size
1.1MB
-
MD5
8673eae95d67e5eb19f0eca3111408e8
-
SHA1
ad3e1ce93782537ffd3cd9e0bb9d30ae22d40ddb
-
SHA256
576d2de2c9ef5bc1ea9bdd73ae8f408004260037c3b72227eed27e995166276d
-
SHA512
65c4eadf448a643f45fa9a0d91497bb25af404c41a3a32686d9e99ba4f4e50783d73f5b13d5df505cc62c465be300746d84a2eaa8000531893cd0b19d6436239
-
SSDEEP
24576:hUsmpWNSUFmCqJPNsTuJDYYviEcHy1t6Y:hSUQWSF8q
-
Score
1/10
-
-
Target
QZK RAT Free/Guna.UI2.dll
-
Size
2.3MB
-
MD5
b7cf1039d089511ff4594d0796dc966b
-
SHA1
e41d50c48f5381da01ed43967d1024fdaaeedd81
-
SHA256
9143707613cfa106fc4d7177e6e9f8a544738989b6167cd6578101f1bdb0927a
-
SHA512
6627a7a810c78a94ff1d52b14d071f8aabd71a2e6b521d2fcea7d865d94f5bcb1dd890f1b93b292035b20127507e32c11c215268e00510e5bf28c6132a4ce2a4
-
SSDEEP
49152:DpR548WTt9kUHdvAmZL0Th+1n9fr2flQChRigKw1:54JErh0gz1
-
Score
1/10
-
-
Target
QZK RAT Free/ICSharpCode.NRefactory.dll
-
Size
648KB
-
MD5
19c667a32fdaa1ff5162c6e599d8209c
-
SHA1
4e5d2a045a44b2695c4d664de24070c16b51653d
-
SHA256
7ed9f334fbc846bd89773db45a58d5839bb62acc69d902b6918c5bfa4c25fae8
-
SHA512
ffa021cfd60213327933ef488c1ae637cc92ec8eccaf1258ae1cb909500f048a7fa8133194bb04f90d479bd70e345a6b9e475c7fa4e394ceba37566695656319
-
SSDEEP
12288:0TcdmW4lR962A5Cndb+N2uzgb5ShLgMfgGA:Uc+olIsfgGA
-
Score
1/10
-
-
Target
QZK RAT Free/ICSharpCode.SharpRefactory.dll
-
Size
212KB
-
MD5
9af954f391ead3815c92a69ba37dc5cd
-
SHA1
def87efd6f8bef87e8317e0e4445b26ec157df6a
-
SHA256
38241922082e5b50ba3fba85667d1fbf8da4cabd1a59b0ace734eb99b7cd327a
-
SHA512
9d5f060756eeb61a135d1fec1e0bca1d3d3fadd9abce8c8eebdf0fd0f061bcfb162c26cad3fce4116fd4f642d27ead633757a8133cd9658047dff31fc36440a2
-
SSDEEP
3072:lvhs2+BF+y/TqNdErZVQXvtmlf9nAWH6gfphBPbsTbPZhlQCAaM3:xK1Tqb9mR9nRagfphR/Xn
-
Score
1/10
-
-
Target
QZK RAT Free/ICSharpCode.SharpRefactoryVB.dll
-
Size
196KB
-
MD5
cd3ed4637cd1faefa0f066f3b4539a39
-
SHA1
e1a39b0ec05af109a1a92565515766c01f1a749e
-
SHA256
514fdff274358335b5347b32b8b0d44c4423bda6484eee13aa20e88c79be75d1
-
SHA512
2c7eaa59e3cfb3767786e93ac8f274e7421c9e58d6d79803ebdbf3092ef7be263c6edbe1543a633b3200ef9327e8de52f29ba4476f1fd41bb867bc4d442348bb
-
SSDEEP
3072:KhY78eVb9gPWlyxH+Qn4JEf6JZ6+M1p2/I0AvL8Zp:KED5y3R+REPSI0SL8
-
Score
1/10
-
-
Target
QZK RAT Free/IconExtractor.dll
-
Size
10KB
-
MD5
640d8ffa779c6dd5252a262e440c66c0
-
SHA1
3252d8a70a18d5d4e0cc84791d587dd12a394c2a
-
SHA256
440912d85d2f98bb4f508ab82847067c18e1e15be0d8ecdcff0cc19327527fc2
-
SHA512
e12084f87bd46010aded22be30e902c5269a6f6bc88286d3bef17c71d070b17beada0fe9e691a2b2f76202b5f9265329f6444575f89aff8551c486eafe4d5f32
-
SSDEEP
192:7f77J4cGYyfQknxLvIgyLY5xJeU5pPpZlEAs:HS2yINgyLYLJR5wl
-
Score
1/10
-
-
Target
QZK RAT Free/Microsoft.IO.RecyclableMemoryStream.dll
-
Size
57KB
-
MD5
aedcb85e47ea5ddc1182043ba311de33
-
SHA1
e7b124978b60a41bdb2b90a5862c2724af1c3569
-
SHA256
70d1c7355a48071f0cea3984bbe34ad24f11a1a16140bb901587f0e852397a97
-
SHA512
20f5cddff59a9c48354b9fbfc0e6ed716fd92ed6dc35cd45116db6f1ef759055b83a7f53b434fb9ba7b24dca49865a243d025be1e60fa3f807963cf9ecbc0ca6
-
SSDEEP
768:N4rRZa7odkCYSdPljNbdOJC3ywL6/2+psJlmjdPGANh6tVzHTNx9zKm:NIljxdMwL69yfmjpGANAbzzpzKm
-
Score
1/10
-
-
Target
QZK RAT Free/NAudio.dll
-
Size
502KB
-
MD5
3b87d1363a45ce9368e9baec32c69466
-
SHA1
70a9f4df01d17060ec17df9528fca7026cc42935
-
SHA256
81b3f1dc3f1eac9762b8a292751a44b64b87d0d4c3982debfdd2621012186451
-
SHA512
1f07d3b041763b4bc31f6bd7b181deb8d34ff66ec666193932ffc460371adbcd4451483a99009b9b0b71f3864ed5c15c6c3b3777fabeb76f9918c726c35eb7d7
-
SSDEEP
6144:96/i10SZtfzWctj98vZcE0wmLlaIZs5eku2sX2hrjAzvgmXa6W9FwsT9idwktQZG:9yrSKMJR9aGs55T1X9Fwspi2tGpmS
-
Score
1/10
-
-
Target
QZK RAT Free/Plugins/7zip.dll
-
Size
1.8MB
-
MD5
bb4ca828dabc67199159e4d6f7ebfad1
-
SHA1
3167e23e66ad5b7268f60f445cce382b6300089f
-
SHA256
2f1d87120286bfc33593a2a62ac3452d4921537005a9d66934a07c0c19a60f71
-
SHA512
856d329c0ad3e8d7696c473af84e2f4eaa7bf45666d6a16fd7c0137948462e9bc6cb47efec7b0b9666acbfcf6a2e33919fe48419185dbc602cfd98bf10efe3b6
-
SSDEEP
49152:Mow7W+ocCZY+MjT5OlAYSiqjbxippODgApn1/qvs:YobZY+Mf5OlI/hsi7qv
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
QZK RAT Free/Plugins/ACTWindows.dll
-
Size
1.1MB
-
MD5
91c072b5c4eaf18b81d4c522f967df5c
-
SHA1
4290045e1382057ab339f3e0c269770714b5487b
-
SHA256
61451c536c1a5a9b2b676fa191c4a960d7952aff4cf8b3437860adcdedec3774
-
SHA512
03dba43bcb6f0ee1b82ed874a5a7ff7b94b2096e230f906927666438372f77a379301acbaa31c71a507dbd3e59944dab1fb4f8466a9808a6077719d33a99e540
-
SSDEEP
24576:AQ3sWYfdA5r6B/QIdMFmEADsHcxw6J6fG3tLVJnsdWUVSEPP:AQ8WIe5r61MFFADk+2fG3xPs40
-
Score
5/10
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
QZK RAT Free/Plugins/All-In-One.dll
-
Size
4.8MB
-
MD5
d668737933aa7ff596f8e085e3baa904
-
SHA1
23fa9ad768e027655f4d2f9f6d4144c7d6d9f4d4
-
SHA256
56310832130d1b57d06004bbc54a17d531fdccd74afd8519c2d78076ee9a00eb
-
SHA512
ee48650f78b8b6eab48b2979448a1da472e2dba5197cf5e14e914f82292657ebf9f3d166405cc7ccd6ad82233608a1cb3ac88b80f921fdd83c3d499d9f572543
-
SSDEEP
98304:UP19F9QORkChiDC9OtH7c2iwGxIvPBOw0JefVfQ2a5cFd4KssODtd:+9FPRkC8C9OH7c2ilInz0kfVo26Wsd
-
Score
1/10
-
-
Target
QZK RAT Free/Plugins/AskUAC.dll
-
Size
9KB
-
MD5
892cb580698edce6b2282ffb84390aa0
-
SHA1
2ff58c3b3ba931103bdbf18b8e7cfe7c45a1a354
-
SHA256
cdac77b808104421069ce848259992a12f1fd9b94260c71e8eb4a64784d27409
-
SHA512
5142f8de7a03d95a606ea48ed1e53b8ce9ece358714c5bf2f3467f5fc69e6d00375d8c39661650bf18968f0d5282d5cdedefa794f1d2b796a323505e6c0d3db4
-
SSDEEP
192:mHUtgZzv32GOp8bzJgyBTkIW1Pn/KicamxLO0A:mH6gZ3c8bWyBTun/K3att
-
Score
1/10
-
-
Target
QZK RAT Free/Plugins/BlankScreen.dll
-
Size
9KB
-
MD5
a243723ea9b8bbe0b7c4f25c75896a4b
-
SHA1
63527ed5d9dc8d6dbf5cec17dc2c843ebab9f702
-
SHA256
1c6636f9ed05572706ee25765884f050c383170dbc4b9302c9f604b0d127b64a
-
SHA512
8e08dc4dd0f709a5237b42627a78ce87051cea61532021de5e518824e2916042c0e2a311fd146188f84495205ba955bc786853134f543c5c6be0476ee9fc2826
-
SSDEEP
192:xwUEwB2fTGOl61LATWEIW1PnaPwpMeAL22:aUEIQS9UTWOnaPwpMu2
-
Score
1/10
-
-
Target
QZK RAT Free/Plugins/Bookmarks.dll
-
Size
28KB
-
MD5
0b6df4d519ea05eb162adbc487689755
-
SHA1
6c1e715b476e5edf7349ad47f837bfb0dae9c1dd
-
SHA256
4eace1ffbb2d9ad23d134691cbe1a6409602e659c1431cfa9e280115828c9e48
-
SHA512
a67c5209e777604815f23a21afe73b887dd2e03c94cdcd85b05dce2ea466c23c95feda51a01e08b792162f1503dac85f27f8291e287ffaa7ca4e92fa2a8633ee
-
SSDEEP
768:S5PKDtoU1bOU+texSftVGeAsmc2v8pUZVPykbbl1zFrezN03OMFzB9gB:j1bOUZeQb7VP5bxrezS3OMxB9gB
-
Score
1/10
-
-
Target
QZK RAT Free/Plugins/Chat.dll
-
Size
18KB
-
MD5
682c29845efa6474461a5023a0fcb6a3
-
SHA1
74013b11721ff1bef8d6678c577e8f1d6b1ad4ad
-
SHA256
a0d79a5dedacf0bf24c24fb33b406259bc6525a8d91db607994c83d66eba46aa
-
SHA512
18a35e81fd1b89a41ebd80c7fb49d0cab87d3f110d829018ad8bb9f5d64a5adcd6af0db0a9f34bb0861211d4170cfff93d841bd3cba464d9c500142eb95eb49a
-
SSDEEP
384:IlYxUVSLim0EAT1sZKivG1dELq1TKQt0InoIH+lfUmWDf5:IZVSLz0bT1kKivGv0q1qIHEfUZt
-
Score
1/10
-
-
Target
QZK RAT Free/Plugins/Chromium.dll
-
Size
25KB
-
MD5
0612625fe0d1d3b9c037bd7c1506e2f1
-
SHA1
9f3d1201cac3346327ddacef194b23b8e0f97336
-
SHA256
b82d1b59f11ab1c33c953b5b7ff2fbed5d065ef6bb07723d164c0db76afa65c5
-
SHA512
50f82c3befdb29311d3540a1288ba4a32f822d884a0de033a6752ed2a8f656e0b10797078820e8313fcbb316e914fd9970e789e085065f114a527da2050bc13a
-
SSDEEP
384:GtGWc3ht3Xa7LHDxtN5RV/PBPugcs9/cnjqlg91YDa3ZsrkSL7:6GWcR5XeLTFPN/6qCbYW3Zsg0
-
Score
1/10
-
-
Target
QZK RAT Free/QZK RAT.exe
-
Size
11.6MB
-
MD5
ffbea3a298fb6de9a6ef389013c9e5f6
-
SHA1
036bd7355eeb62444a1a957c637f589e97a882a3
-
SHA256
c62b713747d6cff351f1088346caeb4799aa5718bbf073c37f58011e9abc99c7
-
SHA512
00e63fd8762e21327813372c10c2d7581fa6a60dbc3c85d078d6a19d63bc20bc7ea6a937823edc97da013f7de0ffb4144db258ac184b334de7eff57fc67d2b78
-
SSDEEP
196608:/ywGVHA2ZsdFSWnMYmvp7djurW1yNd3HUFxDSWSccMiIIiKIRM7ebK4ht3PYuz0R:awwHBZsSWep7JIX3HUFxOZMiIIiKIRMz
-
Score
7/10
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
QZK RAT Free/System.Numerics.Vectors.dll
-
Size
113KB
-
MD5
aaa2cbf14e06e9d3586d8a4ed455db33
-
SHA1
3d216458740ad5cb05bc5f7c3491cde44a1e5df0
-
SHA256
1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183
-
SHA512
0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8
-
SSDEEP
1536:nPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/hV+sUwS:nWw0SUUKBM8aOUiiGw7qa9tK/bJS
-
Score
1/10
-
-
Target
QZK RAT Free/System.Runtime.CompilerServices.Unsafe.dll
-
Size
16KB
-
MD5
da04a75ddc22118ed24e0b53e474805a
-
SHA1
2d68c648a6a6371b6046e6c3af09128230e0ad32
-
SHA256
66409f670315afe8610f17a4d3a1ee52d72b6a46c544cec97544e8385f90ad74
-
SHA512
26af01ca25e921465f477a0e1499edc9e0ac26c23908e5e9b97d3afd60f3308bfbf2c8ca89ea21878454cd88a1cddd2f2f0172a6e1e87ef33c56cd7a8d16e9c8
-
SSDEEP
192:LGLxTyHvc4ROgcxAdWXYWJeaPtWsI9A9GaHnhWgN7aJeWw0fnCsqnajt:LgGLROZAdWXYW8aPcyHRN7WEqn1lx
-
Score
1/10
-
-
Target
QZK RAT Free/dnlib.dll
-
Size
1.1MB
-
MD5
9ed69fbbfdec5d95ea229da3969dd77b
-
SHA1
7972339f0a1b6a28a2f335c84cdfc5d9beee72b6
-
SHA256
e8bc7a627149386cb3cf714ae0101f69440f72cf2e7468a677b727b32aaed755
-
SHA512
61bfaa00736487ed736a27c1a9e45ce14b578452471866d195ce1a4736e72bd4bec98938b8cbb83ffbf09cbf188e9b8760452cc95ee30565414882aadd0171a6
-
SSDEEP
24576:+9itfCdSZYeP0jsLpPl44znxuhv7fBTu1Z:W5QF6
-
Score
1/10