URLhaus Database

You are currently viewing the URLhaus database entry for https://hscsac.com/ui/tomtinast which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2319434
URL:	https://hscsac.com/ui/tomtinast
URL Status:	Offline
Host:	hscsac.com
Date added:	2022-09-28 17:58:17 UTC
Last online:	2022-10-14 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-09-28 20:25:07 UTC to abuse{at}ovh[dot]net)
Takedown time:	16 days, 2 hours, 24 minutes (down since 2022-10-14 22:49:37 UTC)
Tags:	bb H322 H436 Qakbot qbot Quakbot TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-10	CA3738587428.zip	zip	d07acaa295820db4b96ea466a703f07cafab7c9cbcf76b2ace80d817acef933f	50.00%		Quakbot
2022-10-08	R613227144.zip	zip	eb092e3c365c9759b0755ad5b1fe0c58e5353bb729fc0d325709705881018723	50.00%		Quakbot
2022-10-04	Card3542788790.zip	zip	adc9e5768410bb7c2811ec3b2cce2572cefda1084871fa832463fd127f4006af	4.84%
2022-10-03	CA1023089618.zip	zip	27c6b031ee7c30e9ed6bdc1410479435ec39b2af474930241fe7cfa1051dcc24	1.61%
2022-09-30	CA1295879092.zip	zip	b484f88f9e5bb5569d0a6518a93d14a4ccb245ca4eb1395c44154cb590ce6c8f	n/a
2022-09-29	G2993559989.zip	zip	833546703ac34fdc57e2d3ffd59e1813512e10e676866baeecf5df93d573a305	3.17%
2022-09-29	G350118364.zip	zip	4ec2e2e6e8331cfb12b808f78df85067cac612c3ca6ce109d532134c1ecb593f	3.28%
2022-09-28	G3152010627.zip	zip	4695b10d8d9b3594051a7847554501fe1886ee8f022fb7668b7d16ae291de163	n/a