URLhaus Database

You are currently viewing the URLhaus database entry for https://ubeil.mx/or/nmniimai which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2322170
URL:	https://ubeil.mx/or/nmniimai
URL Status:	Offline
Host:	ubeil.mx
Date added:	2022-09-28 18:19:16 UTC
Last online:	2022-10-26 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-09-28 22:31:15 UTC to abuse{at}hostgator[dot]com)
Takedown time:	27 days, 22 hours, 30 minutes (down since 2022-10-26 21:01:50 UTC)
Tags:	bb H322 H436 Qakbot qbot Quakbot TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-17	FwYocDZfgXsoEeaIm.zip	unknown	49f2660d56a67bf69ea84e162391ef925a28b9241f3816e022f5f78b20f2c1eb	n/a
2022-10-13	ueNjLsWT.zip	unknown	9b6d6414f89d5f02f76fb64d0a3f39f2e389d9ebec3abd7e1673b561fc286ded	n/a
2022-10-08	R744742602.zip	zip	f8706d9ab6ddadc635ad6f87d98fdae6afabf64b96f409a400c8c8a8b849b01d	46.97%		Quakbot
2022-10-06	R922751381.zip	zip	dd3ad6929c66132ffe150cbeb4d38ec2178236e6650b47bf1266a4e9c5ee50f9	17.24%		Quakbot
2022-10-05	Co3717366693.zip	zip	f4877f6b9059f151e22a0f95ad072002e595d9829fdb8194b0fb1ee64d2fbaf7	n/a		Quakbot
2022-10-01	Card1266650931.zip	zip	f6eb71c1a5c5faa03f0dda518d75dd1ba521fae1de99af3576c7ae9d4903659f	16.39%
2022-09-29	Gall2413231562.zip	zip	ca462bc9370acec301ece182c5b2f42927aaf781572920f5a7be004fc21be845	1.61%
2022-09-29	peuTrtmeo2265393731.zip	zip	a4d4eec03b3663b2eef8734825a09ed1854125434b54b8e7afb191aeabb88837	3.17%
2022-09-28	Autemvoluptas766808451.zip	zip	9249a9533cd3fe595b8e3e140a69bcad84064aeadea49feec6b9ee3336d12611	n/a