URLhaus Database

You are currently viewing the URLhaus database entry for http://turkmenulastirma.com/nhs/futcrrpeeaiexce which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2249613
URL:	http://turkmenulastirma.com/nhs/futcrrpeeaiexce
URL Status:	Offline
Host:	turkmenulastirma.com
Date added:	2022-06-25 03:45:47 UTC
Last online:	2022-06-30 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-06-25 05:04:08 UTC to abuse{at}hostlab[dot]com)
Takedown time:	5 days, 6 hours, 25 minutes (down since 2022-06-30 11:29:30 UTC)
Tags:	aa Qakbot qbot Quakbot TR U523 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-06-30	Main3108153928.zip	zip	cc46d36de10c12c418037e7858b862190339e009981dcfbfd58432aaa4ff5dcc	1.69%
2022-06-29	Main607864084.zip	zip	7a55411cc2837c967ed37d106dae7596ef523a2accf24cf5288571ebdcc5ffb8	3.33%
2022-06-29	Main3175115420.zip	zip	8c22f8430ae6efb3fcba95adb32873c6edd90635b894f1d7b091bf516352b525	1.67%
2022-06-29	Main3266830327.zip	zip	f6f2b3157eb5a431b84bbc06d8753e2b893510b9e0590fd9e0dcd952fe6f0a14	3.33%
2022-06-29	Main1697362529.zip	zip	7a5b05f4c19678204457f49b32ce95dba08a0a5f913723ffea6e812da4c08459	1.67%
2022-06-28	Main4252091455.zip	zip	93a8e5e6ae88e38c52c83c579ef427dc27d41a25b3a433f59f8d2479c0b0a89c	1.67%
2022-06-28	Copies2515753223.zip	zip	c96dcf25c3117d7f827198084b3ca173412d9774d3bf98bb8af5f0eca30d851a	1.69%
2022-06-27	Copies2091032058.zip	zip	ab4b29efc6beba942c753c47c8679d0afca791e9e130b803c17cf769daead58f	0.00%
2022-06-27	Copies3841835616.zip	zip	4186bbf88d9c7d9ae4846b5007740178abd379bbd66a176d26d6d0c0a9b54f89	0.00%
2022-06-27	Copies842458493.zip	zip	4bbaf5f2740aabf83710900de146768629b7868ee1427024c3b56d42a6e0b675	0.00%
2022-06-26	Copies1288659316.zip	zip	1954eed1f4f434dfdf28aad33c1cd52fc7af8e4c20005ed786a05983e7bc69ce	13.56%		Quakbot
2022-06-26	Copies1482863917.zip	zip	913be649fcdb8c57b9a239ad346d039bf2c46cff3c9ed075caf729afe230440d	0.00%
2022-06-26	Copies2648555566.zip	zip	c037ed7d11d92d0a249fa1040ed14755579c80c10841eec8af4d5c27b5afaf4e	0.00%
2022-06-26	Copies2602206414.zip	zip	f89d8695993e74c8a716c803083bdfec3df4d99fedc1e306abd5c4134e1476c9	0.00%
2022-06-25	Copies3709843434.zip	zip	ab41e6636cfb6815147ee7c847afbdc3b38c20fbaa091dbe95eb6c31a9ebefae	0.00%
2022-06-25	F1457607930.zip	zip	b6bd5a6e6a3aba7777aa7d088a5886e3ea70e92b70597589a9cdf17404664ce2	0.00%