URLhaus Database

You are currently viewing the URLhaus database entry for https://hscsac.com/ui/otpoavrprsoul which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2319476
URL:	https://hscsac.com/ui/otpoavrprsoul
URL Status:	Offline
Host:	hscsac.com
Date added:	2022-09-28 17:58:25 UTC
Last online:	2022-10-18 14:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-09-28 21:43:07 UTC to abuse{at}ovh[dot]net)
Takedown time:	19 days, 17 hours, 14 minutes (down since 2022-10-18 14:57:42 UTC)
Tags:	bb H322 H436 Qakbot qbot Quakbot TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-12	O_1978642731.zip	zip	a92c3e64bcee9e6a4a5b7dd1e60e48ca3297889cda47df2085244319fe34e755	3.12%
2022-10-10	NE3931431672.zip	zip	307d28c5da81f17cfcf5ab654653ac2f9ca143edf6984cea51b9beb9ef62c88c	n/a
2022-10-08	CA2854129352.zip	zip	c7eae722a583394db2631f11582278175369f4e80d58a3157c79be9a0a289b85	46.15%		Quakbot
2022-10-06	R707775630.zip	zip	902344bd188fc05b81b3079ff75cb52b63381ae9f4de89a91d7bd8e3e1fa264c	19.70%		Quakbot
2022-10-02	Card3386844908.zip	zip	26875cb58c98aaca3f094c05c3d4c1b99d950aad55b84c0f01968c1ea8d0c924	3.23%
2022-09-29	G1841408421.zip	zip	45484d6ef5dab893384e705939c73d523cdaa9b6da19f9e96376b740a9cb1fe1	3.17%
2022-09-29	G3590893988.zip	zip	836cf35c0aa6c21de8dfa80aa88bc05c1c57e649d8c5f8f7dbaf6d7941cff980	3.17%
2022-09-28	G2535906632.zip	zip	c4c4a332052cb6598e93781cb08d7c6922fc9d20a6ef4857fc102408a893e069	3.17%