URLhaus Database

You are currently viewing the URLhaus database entry for https://buffetegypt.com/tei/uprmleeidnenlse which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2317856
URL:	https://buffetegypt.com/tei/uprmleeidnenlse
URL Status:	Offline
Host:	buffetegypt.com
Date added:	2022-09-28 17:45:25 UTC
Last online:	2022-11-29 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-09-28 23:18:06 UTC to abuse{at}hostgator[dot]com)
Takedown time:	2 months, 1 days, 8 hours, 1 minutes (down since 2022-11-29 07:19:35 UTC)
Tags:	bb H322 H436 Qakbot qbot Quakbot TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-11-24	kJVcrwFVOjxVfocoTg.zip	unknown	0f8900415afb6b8f081ea1d70c065f14b24c763dacfa3296649c73b69e82c15c	n/a
2022-11-16	vBFGbNLKJ.zip	unknown	ac921ada8c326ea41ec83c870481c0a1bf6873d928fb45484fb1ffb5a2ce996b	n/a
2022-10-28	yYktztNgJuamxzYT.zip	unknown	50bfcb68d03b70f77ec55d5c8cfbfcf0ea481d62b4aea61a66b6cb4f4ca1e1ed	n/a
2022-10-20	GeyRklp.zip	unknown	62bece54c9c2eb30b0f4d22170a762af45cae02259a8fe258045cf9b3bd76dd5	n/a
2022-10-13	oasolpZ.zip	unknown	b0b05b1c5b753c0955c1c806653e8734d8cf959ddd022bfef0d7fc4babc1c305	n/a
2022-10-10	Co4102115454.zip	zip	74724d9b6c9498deb92d19edb82d51761d9bd7a699d908e9047df4cf6e86187e	46.97%		Quakbot
2022-10-06	R4244302893.zip	zip	53cfe1a0faff1f75c2323f0fe90ffbd5b9ec570fe9e665943c4eb7ec17615ab0	18.18%		Quakbot
2022-10-02	Card1975475910.zip	zip	8cedfca2f32aabef7373939e3b8e9a7345ceaca7c2e78c9504e84829d423b9b5	16.13%
2022-09-30	Doolvelemr3809489752.zip	zip	d981cc97c669ee41bf1c302b85e55d62d779d4ea7e57ed72d63bd39813e54d30	1.59%
2022-09-29	G75654282.zip	zip	d26a27572eba544d8aac4e8bee89c597010a30f7280fffdeab4307f17974482f	4.76%
2022-09-29	G1029014451.zip	zip	55d4538cb9957fa3ecceeed7cf47cb397cfb5faaeb93c9edfe25eb21e18dfa3d	3.17%
2022-09-28	Gall2119467935.zip	zip	084c27a199fb313c5fb5feab63ec0635d6bbd334d1c4fd6c1cbb36ff5c8c0ac9	n/a