URLhaus Database

You are currently viewing the URLhaus database entry for https://rajtravels.co.in/tc/posluteavx which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2321248
URL:	https://rajtravels.co.in/tc/posluteavx
URL Status:	Offline
Host:	rajtravels.co.in
Date added:	2022-09-28 18:11:48 UTC
Last online:	2022-10-13 23:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-09-28 18:12:13 UTC to abuse{at}publicdomainregistry[dot]com)
Takedown time:	15 days, 5 hours, 27 minutes (down since 2022-10-13 23:39:35 UTC)
Tags:	bb H322 H436 Qakbot qbot Quakbot TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-01	C3040208932.zip	zip	5255fcb71cd98e9b9acf67f1cbb0420bf04be0f4614b11475e0059881d22a870	n/a
2022-09-30	P4196329944.zip	zip	c372f9ce9ded5560b2d7fdc54fd41379591d481c5e1a85c5ee77093d07741507	1.64%
2022-09-30	G3956234682.zip	zip	8528ccb896ad8ca2bf36089e20e34e68621dd80e8e5e535f77418842b41501c8	5.00%
2022-09-29	G1176224311.zip	zip	44c5ee304f290f1f81b41f5c28c91cf230e9ddf4271e59f5e68b7a9c95ceac51	1.59%
2022-09-28	NIgZ.zip	unknown	0ce1383d54adaa2d8d53d7900c1cf0b6224a53576575529e2de0fb0d8e7a5e77	n/a
2022-09-28	jEyNKExdLG.zip	unknown	4ceeea07788691c3445b98659d1cc49c8ba58974c2c36fbe37713ca3d5559e43	n/a