Never run a pre-made QCOW2 image from an unknown source without isolating the VM from your host network first. Malware authors embed rootkits in pre-activated images.