5690987418e7898137bb9f8e706d3ff8f196b1dc612be983012524235f64f6af | Triage

Submit
Reports

Overview

overview

Static

static

7

QZK RAT Fr...er.dll

windows10-2004-x64

1

QZK RAT Fr...ll.xml

windows10-2004-x64

1

QZK RAT Fr...er.dll

windows10-2004-x64

1

QZK RAT Fr...es.dll

windows10-2004-x64

1

QZK RAT Fr...ng.dll

windows10-2004-x64

1

QZK RAT Fr...us.dll

windows10-2004-x64

1

QZK RAT Fr...ox.dll

windows10-2004-x64

1

QZK RAT Fr...er.bat

windows10-2004-x64

1

QZK RAT Fr...rp.dll

windows10-2004-x64

1

QZK RAT Fr...re.dll

windows10-2004-x64

1

QZK RAT Fr...ms.dll

windows10-2004-x64

1

QZK RAT Fr...UI.dll

windows10-2004-x64

1

QZK RAT Fr...I2.dll

windows10-2004-x64

1

QZK RAT Fr...ry.dll

windows10-2004-x64

1

QZK RAT Fr...ry.dll

windows10-2004-x64

1

QZK RAT Fr...VB.dll

windows10-2004-x64

1

QZK RAT Fr...or.dll

windows10-2004-x64

1

QZK RAT Fr...am.dll

windows10-2004-x64

1

QZK RAT Fr...io.dll

windows10-2004-x64

1

QZK RAT Fr...ip.dll

windows10-2004-x64

QZK RAT Fr...ws.dll

windows10-2004-x64

5

QZK RAT Fr...ne.dll

windows10-2004-x64

1

QZK RAT Fr...AC.dll

windows10-2004-x64

1

QZK RAT Fr...en.dll

windows10-2004-x64

1

QZK RAT Fr...ks.dll

windows10-2004-x64

1

QZK RAT Fr...at.dll

windows10-2004-x64

1

QZK RAT Fr...um.dll

windows10-2004-x64

1

QZK RAT Fr...AT.exe

windows10-2004-x64

7

QZK RAT Fr...rs.dll

windows10-2004-x64

1

QZK RAT Fr...fe.dll

windows10-2004-x64

1

QZK RAT Fr...ib.dll

windows10-2004-x64

1

Resubmissions

21-11-2023 21:25

231121-z9p78agf85 10

16-04-2023 14:14

230416-rj2vbsca6z 10

Analysis

max time kernel
111s
max time network
177s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
16-04-2023 14:14

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

QZK RAT Free/Bug Fixer.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

QZK RAT Free/Bug Fixer.dll.xml

Resource

win10v2004-20230221-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

QZK RAT Free/ConversionWrapper.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

QZK RAT Free/EPPlus.Interfaces.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

QZK RAT Free/EPPlus.System.Drawing.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

QZK RAT Free/EPPlus.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

QZK RAT Free/FastColoredTextBox.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

QZK RAT Free/Fixer.bat

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

QZK RAT Free/FontAwesome.Sharp.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

QZK RAT Free/GMap.NET.Core.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

QZK RAT Free/GMap.NET.WindowsForms.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

QZK RAT Free/Guna.UI.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

QZK RAT Free/Guna.UI2.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

QZK RAT Free/ICSharpCode.NRefactory.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

QZK RAT Free/ICSharpCode.SharpRefactory.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

QZK RAT Free/ICSharpCode.SharpRefactoryVB.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

QZK RAT Free/IconExtractor.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

QZK RAT Free/Microsoft.IO.RecyclableMemoryStream.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

QZK RAT Free/NAudio.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

QZK RAT Free/Plugins/7zip.dll

Resource

win10v2004-20230220-en

neshta persistence spyware

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral21

Sample

QZK RAT Free/Plugins/ACTWindows.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral22

Sample

QZK RAT Free/Plugins/All-In-One.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

QZK RAT Free/Plugins/AskUAC.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

QZK RAT Free/Plugins/BlankScreen.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

QZK RAT Free/Plugins/Bookmarks.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

QZK RAT Free/Plugins/Chat.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

QZK RAT Free/Plugins/Chromium.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

QZK RAT Free/QZK RAT.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral29

Sample

QZK RAT Free/System.Numerics.Vectors.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

QZK RAT Free/System.Runtime.CompilerServices.Unsafe.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

QZK RAT Free/dnlib.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

QZK RAT Free/ConversionWrapper.dll
Size

15KB
MD5

53c98fc84721d640c568721a06bfa9d0
SHA1

5d40974f80cda617c0fdc6f50a45117a5e3f1552
SHA256

38e9594b37f6382202ffd3f553c29fee47b725edc6f619c7dfe5fb0941e43a30
SHA512

0e673b4e0f311e84e82cc58e8d41db6dc496a25d0133293939f81de9fa23beecd5f9d4bb6b704c95976bee38e6c9a9c616acf79406ad5da62dcdb9f0cfd1febf
SSDEEP

384:TxzJ6m1jAQ3qrZB7liM+VqrFcwad+LRp6BPkI:N0/vlitocB/f

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\QZK RAT Free\ConversionWrapper.dll",#1
1⤵
PID:4104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy