qks.exe

The application qks.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from d26yaxxlnmhaem.cloudfront.net.
MD5:
0ffd18c43eca38d58acf19ececd14f0f

SHA-1:
98fd7e944183e4fdb70e5a3a75e27c86a85409d6

SHA-256:
666db189919106702f3cc1cca4e4adec59a4e25fdbc9584e91b8174d033eea32

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 8:20:24 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Elex.Qksee (M)

Engine version:
16.7.22.10

File size:
2.4 MB (2,474,936 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\qks.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:5M4Yz7GbwdCBHSLDZTtNHyTartNp/FMdNgngf+fArUOsv/XQiz2o:5MjfGbaC1SLNTLaOtbFMgnzbP3AiCo

Entry point:
6D, 20, E6, F5, 7D, 46, 00, 5E, 33, 0F, 5E, 25, 29, 99, 7F, 00, 00, 00, 00, 00, 7F, 00, 00, 00, 00, 00, 00, 00, A0, 04, 66, FB, BB, D6, 44, BA, 59, 07, 00, 40, 56, 58, E2, A0, CD, 25, 3D, F5, 33, F5, 43, 0B, 7A, 31, E3, F2, AF, 6E, 8D, BE, 47, 9A, BE, AB, BA, 89, 5D, 48, 70, 37, 15, 8C, 2B, 1A, 48, 69, A9, 39, A6, D8, 61, 58, 49, E2, 3A, 11, D3, AA, 3B, B5, 74, A2, 7E, 0D, A5, C3, 0C, 21, EB, 52, 68, 4D, 1E, D5, 90, E2, BD, EF, 95, 15, DC, 62, EE, 14, 39, 9B, 7C, B7, 82, 97, C3, 5E, 09, 76, DE, E0, BC, 7B...
 

Entropy:
7.9999  (probably packed)

The file qks.exe has been seen being distributed by the following URL.
