URLhaus Database

You are currently viewing the URLhaus database entry for https://haroldhallroofing.net/pAz8O63Gn/hr.html which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1646657
URL: https://haroldhallroofing.net/pAz8O63Gn/hr.html
URL Status:Offline
Host: haroldhallroofing.net
Date added:2021-09-28 11:59:06 UTC
Last online:2021-09-29 15:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: JAMESWT_MHT
Abuse complaint sent (?): Yes (2021-09-28 12:35:03 UTC to eig-abuse{at}endurance[dot]com)
Takedown time:1 day, 3 hours, 10 minutes Poor (down since 2021-09-29 15:45:20 UTC)
Tags:dll Quakbot link test TR

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2021-09-28n/adll aa0c6a60f1977cc9cee837419e0fa1a029b620eea00a44d567a57923f03d1e3an/a Quakbot
2021-09-28n/adll 4c7fc622294b4605a5eccf62b7aed74188368a1fbabd6b6ed04f5de781083d9fn/a Quakbot
2021-09-28n/adll 1d28a3babe8f5ed2102c3a85245a8a6d01696d75ed66ade55dcf09fb5154a77fn/a Quakbot
2021-09-28n/adll 877481065d6f5a6e339cf39e22fee5797137ee68b3551c39d0620fe77fcda395n/a Quakbot
2021-09-28n/adll 88df45867390a28795f85eccf541d62c2f859001d34d6d9b3e970bb84808c573n/a Quakbot
2021-09-28n/adll cf2652dc2a844f6aa436149211ea57e54102ce3ebd808eded619298c0bb16cc4n/aQuakbot