URLhaus Database

You are currently viewing the URLhaus database entry for https://nokri4all.com/lua/ioufntfteiacer which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2320720
URL: https://nokri4all.com/lua/ioufntfteiacer
URL Status:Offline
Host: nokri4all.com
Date added:2022-09-28 18:07:53 UTC
Last online:2022-10-08 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-09-28 18:08:10 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:10 days, 4 hours, 1 minutes Bad (down since 2022-10-08 22:09:39 UTC)
Tags:bb H322 H436 Qakbot link qbot link Quakbot link TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-03R2448060410.zipzip da4fa5fbcdf37ee4e17cc7eb2e838e2635d7aec210e1e1ac427640b76cfc6151n/a 
2022-09-30P3906597122.zipzip 8f4d42c10f93ae43c173ae02c068f8471a1f976c0993a06b22d5b53f1edbcd0bn/a 
2022-09-29Gall2573089937.zipzip 55b36e772f197a027f4b11992e649654d4531349190d879e58d7fd3986d6f5dbVirustotal results 3.17% 
2022-09-29Gall1565299588.zipzip 265827ff82279f9d5306078a0f061d46c61c57fba4ac0d6030eda4c976376acdVirustotal results 1.64% 
2022-09-28BLnKXWShdlEXYxJcr.zipunknown cd86f573e6bf58cf554371a87dff6b3597571cbf53df70e5362bc13908cb5919n/a 
2022-09-28TSIDaVRJQrxlqfNI.zipunknown 58113f98100f68bbc68fc114b47b5be86f6f5967f99d93a6a63ea97b47cabc69n/a