URLhaus Database

You are currently viewing the URLhaus database entry for https://thirumularresearch.com/vfa/iioaequatccac which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2322021
URL: https://thirumularresearch.com/vfa/iioaequatccac
URL Status:Offline
Host: thirumularresearch.com
Date added:2022-09-28 18:17:36 UTC
Last online:2022-10-12 01:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-09-28 22:00:11 UTC to abuse{at}hostgator[dot]com)
Takedown time:13 days, 3 hours, 13 minutes Bad (down since 2022-10-12 01:13:51 UTC)
Tags:bb H322 H436 Qakbot link qbot link Quakbot link TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-08Co3467360922.zipzip 094dda58b23e9af7cbbe30bab47128efab4b30c4c0f551800955eb44e1c761eaVirustotal results 42.42% Quakbot
2022-10-04Gall2940990815.zipzip c83df56152ab023730f1cef462cd2367fdb66a1ba20960ae072f0b96d10241cdVirustotal results 6.45% 
2022-10-01CA4113782050.zipzip 083ffe234969d1031f6ea2a30888af74718e44047aa9640f7027b319d71c3fe4Virustotal results 3.23% 
2022-09-30Post1731358150.zipzip db9f68c9a825b6c0f9eac5845f871eadc83b60810d25d3df6e8d154044075e8fn/a 
2022-09-29G2779149683.zipzip ef610def0c6ad4a6be2da01dad6444f256d24d6fdbc05bfe3ece6c72438d0df9Virustotal results 3.17% 
2022-09-28G2921131086.zipzip de845e79c4ea4636878998e18440c5c4b6dd565705a75916e2bbd3f98fb14f5eVirustotal results 3.17%