URLhaus Database

You are currently viewing the URLhaus database entry for https://cuellargalvez.com/anam/cptifiimfodaei, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 2318229
URL: https://cuellargalvez.com/anam/cptifiimfodaei
URL Status: Offline
Host: cuellargalvez.com
Date added: 2022-09-28 17:48:38 UTC
Last online: 2022-10-13 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-09-29 17:12:07 UTC to mochahost{at}cloudequitygroup[dot]com)
Takedown time: 13 days, 17 hours, 50 minutes Bad (down since 2022-10-13 11:02:38 UTC)
Tags: bb H322 H436 Qakbot link qbot link Quakbot link TR U425 zip

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| Firstseen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature |
|---|---|---|---|---|---|---|
| 2022-10-08 | Card974387069.zip | zip | 686c267f7f9f2e26edffa1e8d670bf21614d409c35313e11257c521f50b8f2b4 | Virustotal results 45.45% | | Quakbot |
| 2022-10-06 | P3921949318.zip | zip | 1c806cf1e21df213a716fb9cef2b53d64c2c04eb930479ba58225925ff52c50b | Virustotal results 21.21% | | Quakbot |
| 2022-10-04 | MeTWuYiZaKw.zip | unknown | 31298839663ffa95e0c0eb8d6022b017c212ca4e8f15b94a2db8cba1aa99d4d1 | n/a | | |
| 2022-09-30 | CA4146492644.zip | zip | 2dd786a92631321fffa64e8e5bb95d2f27771e41bc6e6406a2e8ab5e0919a5c1 | n/a | | |
| 2022-09-30 | G2866085865.zip | zip | a42c036e8ef5fadf88cdb97c020585ffa8107e7b48c755aec8fcf5cce078bbd5 | Virustotal results 1.59% | | |
| 2022-09-29 | Gall2104482388.zip | zip | 09e4b547d441efdf2a941af7613f279e7729681d6e02bea987134172e62ab155 | Virustotal results 11.11% | | |