URLhaus Database

You are currently viewing the URLhaus database entry for https://jyothichitra.com/anie/pqnularucosvuutsteon which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2319917
URL: https://jyothichitra.com/anie/pqnularucosvuutsteon
URL Status:Offline
Host: jyothichitra.com
Date added:2022-09-28 18:01:53 UTC
Last online:2022-10-15 02:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-09-29 18:07:09 UTC to eig-abuse{at}endurance[dot]com)
Takedown time:15 days, 8 hours, 38 minutes Bad (down since 2022-10-15 02:45:13 UTC)
Tags:bb H322 H436 Qakbot link qbot link Quakbot link TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-07irQurpocuto411662841.zipzip a28f4ef59c2302c5dd1025414ec28fc215fe16823a927c1ad338d64f17ad98f2Virustotal results 21.21% Quakbot
2022-10-06Co2917615681.zipzip 3a9cfe98e1dba3f8e99230a78869c31cf9f946ba5ee4e9de08582fdebf3e18a0Virustotal results 21.21% Quakbot
2022-10-01Card1571631508.zipzip 456fad95ab372fcf66942582fc39f6ef12e32f67c0a65efb62e5271687365782Virustotal results 12.90% 
2022-09-30G3672675144.zipzip 23cf4563c0815856626f185ebb7e02ba465c89b0ee74c51aa8f0c11370587f98n/a 
2022-09-29G2888317287.zipzip 8079c7da76a8bf155cb9588d718878dce374a687a6be628aa947a692d565284aVirustotal results 4.76%