URLhaus Database

You are currently viewing the URLhaus database entry for https://ubeil.mx/or/tuatu which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2322209
URL:	https://ubeil.mx/or/tuatu
URL Status:	Offline
Host:	ubeil.mx
Date added:	2022-09-28 18:19:26 UTC
Last online:	2022-10-27 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-09-29 08:00:08 UTC to abuse{at}hostgator[dot]com)
Takedown time:	28 days, 12 hours, 17 minutes (down since 2022-10-27 20:17:34 UTC)
Tags:	bb H322 H436 Qakbot qbot Quakbot TR U425 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-15	ckLOpaVeFByqkH.zip	unknown	02b3ed1fac96db289bdeea49f7ffff32b79de00043004fca106494a7d93dd348	n/a
2022-10-10	Gall349393449.zip	zip	43124a19d9f7f95bd08e589361728d14e3259308e506d6a974041c683c7b7c7e	n/a
2022-10-08	Co1908432623.zip	zip	bd9d2c850b90452fd77e3061678f87dc3dff16e10d509ae8120e441c51f29743	25.76%		Quakbot
2022-10-05	Co2318122014.zip	zip	fa3f7cfe3abbb329265f26bbbdd40bdc0329b51c35563cc16934dd3decdd9d7d	20.31%		Quakbot
2022-10-01	Card1280351482.zip	zip	a3b1a9089906220f15072e57745f89be750a0afee656db57f7e8f4044ba5b187	n/a
2022-09-30	SzRxihQEdlOUcPkLHC.zip	unknown	6599d06758e35a9a4a2e4805023f3ace5e82349ae8541d104614a320f2798fea	n/a
2022-09-29	Gall93024832.zip	zip	9fb71243e8ba6b5767dfcb858d6104ab0acd5eaebc9fe0bf50e7d59a9179ce94	3.23%
2022-09-29	G1943480877.zip	zip	5f98dad8b07dfe64cb10d49fe16f2776cfb1a5d186f564440132a1fda23a6bc2	3.17%