URLhaus Database

You are currently viewing the URLhaus database entry for https://chinargoc.com/ea/autdenu which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2317931
URL:	https://chinargoc.com/ea/autdenu
URL Status:	Offline
Host:	chinargoc.com
Date added:	2022-09-28 17:46:18 UTC
Last online:	2022-10-19 05:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-09-28 23:39:07 UTC to abuse{at}hostgator[dot]com)
Takedown time:	20 days, 6 hours, 9 minutes (down since 2022-10-19 05:48:19 UTC)
Tags:	bb H322 H436 Qakbot qbot Quakbot TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-13	gwuRCgsZQiu.zip	unknown	004c33061e237f3ed77921e9d1ba6cca31457dce9750b2b9cf936d1b6b8dfcd8	n/a
2022-10-09	Co2291439769.zip	zip	e5d74aa74f8473315283cdf06c3d18105c015860cf48d960ffd6421be5a9e374	50.77%		Quakbot
2022-10-06	Co2523195918.zip	zip	04d8fc08fdbcab139421eddab0cb6d475c72ec45846030c9259ef2c303ee5c90	n/a		Quakbot
2022-10-02	C3053393551.zip	zip	26dda080d016a98e4a978c1c6d2dfc9a2950d2ab55c0a166ae9367c2f7ed5ae0	1.59%
2022-09-30	P2173475963.zip	zip	37130c6d76f50f7ab59953874e8b888653549d6d81365db8da211e909e0fcfa1	n/a
2022-09-29	Gall3101754796.zip	zip	9d898d1cde4a11d1d8788bad96447e01d0efd153c6d59896541792e5d51d2985	1.59%
2022-09-29	Gall3750700281.zip	zip	b31d2190d96759a7b6d698528fdd20640ffb6afab9818236f037f2198a7b00d5	1.59%
2022-09-28	G2353825290.zip	zip	8a0c2eeea77c8eb087a4c0528ac254cf217c6978d8ae38428ffa886c12ca441e	n/a