URLhaus Database

You are currently viewing the URLhaus database entry for https://creosotesolutions.com/ato/odubishrnliiol which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2318202
URL: https://creosotesolutions.com/ato/odubishrnliiol
URL Status:Offline
Host: creosotesolutions.com
Date added:2022-09-28 17:48:33 UTC
Last online:2022-10-13 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-09-29 00:24:06 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:14 days, 21 hours, 4 minutes Bad (down since 2022-10-13 21:28:58 UTC)
Tags:bb H322 H436 Qakbot link qbot link Quakbot link TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-08R2990817849.zipzip 4e46e481250138239622eeba59be74c3341ae81b8dc48d22d39d9d687ab9ce9dVirustotal results 45.45% Quakbot
2022-10-05Co886590988.zipzip 978c158abbe673f477a676cc615e3febff106bb706cc89895c7e01b9282795ccVirustotal results 4.69% 
2022-09-30CA137610252.zipzip 3af28d3c5ef5869c90366f69af19a1e8c9e0cbf83d42e7e47ee1fe883006c21cn/a 
2022-09-29Gall1511543071.zipzip 5961ce921eafc7b237fa777a5286126953f679976ef0bd70e335f94ed74822dbn/a 
2022-09-29Gall189548177.zipzip de2635c0ef4c0667b67ed2c521ee96dea6cbcc28802b4a7cdb1d3a9f51e1ded5n/a