URLhaus Database

You are currently viewing the URLhaus database entry for http://cdn-10049480.file.myqcloud.com/qcoin/qcoin139.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	105976
URL:	http://cdn-10049480.file.myqcloud.com/qcoin/qcoin139.exe
URL Status:	Online (spreading malware for 7 years, 5 months, 15 days, 6 hours, 54 minutes)
Host:	cdn-10049480.file.myqcloud.com
Date added:	2019-01-19 20:20:07 UTC
Threat:	Malware download
URLhaus blocklist:	Blocked
Spamhaus DBL :	Abused domain (phishing)
SURBL :	Blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2026-05-20 12:33:16 UTC to zhaoyz3{at}chinaunicom[dot]cn)
Tags:	exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2019-06-23	n/a	exe	f3386b2c0e53f904e3d14e8b99669eae4541f0bb04439fe15ed980221cddec1f	n/a
2019-06-20	n/a	exe	4a132b6afee7e511a1253e15036d74ddab326ac42acdb50cfac7c3d47a8df4bd	n/a
2019-06-15	n/a	exe	5da27efa3dd7f4db21a4fabe307a9ee0ee35f3e6a22efc5c186b7e1da3fc2104	n/a
2019-06-15	n/a	exe	b298ac23bffa7d4f84795c129a061d6750872a1d86a16f643346b67a0f8f3df8	n/a
2019-06-14	n/a	exe	a3ab1c1b8fe1a68bb9c56563de862806eacd43ec7125b23cac0dc35b90a33793	n/a
2019-01-19	n/a	exe	55f9876aeb533dda4c1d115e4edebaeddab0ac4d8c8fa1a391d4f72831a0227c	61.19%