URLhaus Database

You are currently viewing the URLhaus database entry for https://divinediamond.org/les/nmniotssi which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2318531
URL:	https://divinediamond.org/les/nmniotssi
URL Status:	Offline
Host:	divinediamond.org
Date added:	2022-09-28 17:51:21 UTC
Last online:	2022-10-11 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-09-28 21:16:08 UTC to abuse{at}hostgator[dot]com)
Takedown time:	12 days, 23 hours, 33 minutes (down since 2022-10-11 20:49:52 UTC)
Tags:	bb H322 H436 Qakbot qbot Quakbot TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-05	R197730389.zip	zip	27814c5f8232ad400687be178960ce55e561e61ee876f0c516a35292e28601c4	n/a		Quakbot
2022-10-01	ueeVlri1738126988.zip	zip	eaa4a109c15b3145f94fa59e67e55c7f64a4b9a8f37298375877b780810a3c44	3.23%
2022-09-30	C1618788247.zip	zip	774bcdef7d822280e90a94353163dbc6b4b27557cc529cf3c362152cd9ab85a8	1.61%
2022-09-30	Gall275099750.zip	zip	d3216e72fc633131f3a31f40585c839f71e4df069aba7127dda19e443b86c785	3.28%
2022-09-29	G3989078078.zip	zip	4815f69290a82e7d1ef0657384085e152fb21804779ef76fc830582272c05f2e	n/a
2022-09-29	Gall4285817070.zip	zip	5ffc28ce6c66a3987bc8916bf15b59c0b3b13a430e702b05413cd7ffbbfdd0fa	3.17%
2022-09-28	Gall4071418452.zip	zip	b1655bb75c8777ebd7f691e829486606bdae101854bae406031d0e2056f49fee	n/a