URLhaus Database

You are currently viewing the URLhaus database entry for http://rosenbaum-milan15y.ru.com/body.html which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1121268
URL:	http://rosenbaum-milan15y.ru.com/body.html
URL Status:	Offline
Host:	rosenbaum-milan15y.ru.com
Date added:	2021-04-15 13:38:06 UTC
Last online:	2021-04-30 23:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2021-04-15 13:44:03 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time:	15 days, 9 hours, 36 minutes (down since 2021-04-30 23:20:23 UTC)
Tags:	b-TDS dll Qakbot qbot Quakbot

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-04-30	n/a	dll	06446653a08a6e03d6af1d2a9d92206082694b743786ef89cb382a3bfaeb6552	n/a	Quakbot
2021-04-30	n/a	dll	c4e50871933cbc80682def9c055384d3702111031cd082ffef23ec18a7037786	n/a	Quakbot
2021-04-30	n/a	dll	8094d8a17af784666365df70d4b478b5f5c0cb3165af80429af855e0890f86df	n/a	Quakbot
2021-04-30	n/a	dll	4de2640aecd5a12aa8af0d20d1a9e3088bb7a012cceb22010e6c14d122943a73	n/a	Quakbot
2021-04-30	n/a	dll	64895ffcb3532b6b743caae8319414299d61dc41a9526ec93a9b072ea0c54de1	n/a	Quakbot
2021-04-30	n/a	dll	b430e2430814bbb208c6c0973a85292aa1814da439d5f17d5bbaac6959f4a4f9	n/a	Quakbot
2021-04-30	n/a	dll	f45af578b9000f72f9747be8b0eafc32c37c418f9078c78a0830986fec942c6b	n/a	Quakbot
2021-04-30	n/a	dll	3c6dcb7cfa4ef2bcd59529a44044113dad52fadc9dbb304806a7af3ebde2f11e	n/a	Quakbot
2021-04-30	n/a	dll	6698586b596786201a0aa46b107f2dfb826e3314c3ae74263b55b81e3b892310	n/a	Quakbot
2021-04-30	n/a	dll	e450868c460ad3d017771d5008eabc22658727c98fb329fc132fe1473fc23e2d	n/a	Quakbot
2021-04-30	n/a	dll	317479a3e1c2b63f8894216bf01043dde84913fbb31e679c65281c56a05609fc	n/a
2021-04-30	n/a	dll	037f2f2e193472edfa8a68ac0ebb21cd511a53cf0baa04a7042fa6ef712d98f3	n/a	Quakbot
2021-04-30	n/a	dll	8f7f063efd6dbe198ece0bfea3e1e6f848fecbbbc2c7a4dc598659ac95bbcb55	n/a
2021-04-19	n/a	dll	6b2256e39192bc8a096dc8815396574a95ff1ccdbd94987bb7a1f8cd83aba007	n/a	Quakbot
2021-04-19	n/a	dll	c1fa5e029b4d077303e09b1826315f5ad599c00194af9eea4d6dfd501c175905	n/a	Quakbot
2021-04-19	n/a	dll	98cad7ca94b12d64406617e2182d3b50d153354a2e464edaef1a01291207414c	n/a	Quakbot
2021-04-18	n/a	dll	c0102041432fb38a85d054a3667d64396e0c688c81ed2a903b51e36bd9060f03	n/a	Quakbot
2021-04-18	n/a	dll	de61d793bc097e9b74670f0c280f27fb3ac0e9e7ffe263a8441e2b47b9dc4bdf	n/a	Quakbot
2021-04-17	n/a	dll	da19534f862b9961e94ef64f3cbab12c424459849200629e13163b5249d208de	n/a	Quakbot
2021-04-17	n/a	dll	36c9cddea437864c7f93dc5e55b7919994a45c9608c165e3c8e2c727abb2797b	n/a	Quakbot
2021-04-17	n/a	dll	d61b8fba2c39d29861b6c6eb0a860af6bd8fb97a276587c3677f660cd1d9151e	n/a	Quakbot
2021-04-17	n/a	dll	c95c0aff6dc3aae2c81370defec6a3efc7b1bf4adaf90f1057cdea9b561e1ccf	n/a	Quakbot
2021-04-15	n/a	dll	ebd504356bbf1bd525131b2c16104955595943d67a221a25f246eeed95579949	n/a	Quakbot
2021-04-15	n/a	dll	a738cf76d421dd03a9a1dbf142e0366f5ac15f07a35f8b167db3342f88f88304	n/a	Quakbot