URLhaus Database

You are currently viewing the URLhaus database entry for http://zkevd.com/od/doodorilt which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2248334
URL:	http://zkevd.com/od/doodorilt
URL Status:	Offline
Host:	zkevd.com
Date added:	2022-06-23 13:06:12 UTC
Last online:	2022-06-25 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Anonymous
Abuse complaint sent (?):	Yes (2022-06-23 13:34:11 UTC to abuse{at}amazonaws[dot]com)
Takedown time:	1 day, 18 hours, 18 minutes (down since 2022-06-25 07:52:27 UTC)
Tags:	aa qbot TR

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-06-25	Copies2133982674.zip	zip	131e8ec4c895fbd7b91ab3d671ed7129c58e991a5b2f8bb4521dd95a90321a0b	0.00%
2022-06-24	Copies3525387278.zip	zip	bd08fd933af6ccb28b6ed84f885a0c1ab786a0225504499939e82a9ac4f813cd	0.00%
2022-06-24	Copies863832017.zip	zip	fff497a2a55672d34b4c007630f7c7a654ab5e5337b7dccfb519e960aa545e23	n/a
2022-06-24	F2494619927.zip	zip	a04106d24d6702fd69b0cc05878b216e87e476aa0af78a36aa1b99321cf4d1cf	1.69%
2022-06-24	DataS4150746383.zip	zip	8a2d804b4ff9559b1657169697ae216de43ce21a9cf3980361f018826521b868	0.00%
2022-06-23	LL601406936.zip	zip	4abb561ce1fa0dd6f65c7c06c4904d52a3f11940d1ebf1ac8e365422772578cc	0.00%