URLhaus Database

You are currently viewing the URLhaus database entry for https://tourclass.com.br/ii/eorsloeds, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 2322293
URL: https://tourclass.com.br/ii/eorsloeds
URL Status: Offline
Host: tourclass.com.br
Date added: 2022-09-28 18:19:45 UTC
Last online: 2022-11-18 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-09-28 18:20:23 UTC to abuse{at}bluehost[dot]com)
Takedown time: 1 month, 20 days, 16 hours, 31 minutes, Bad (down since 2022-11-18 10:51:35 UTC)
Tags: bb, H322, H436, Qakbot, qbot, Quakbot, TR, U425, zip

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature |
|---|---|---|---|---|---|---|
| 2022-10-26 | DiKMkC.zip | unknown | 3daf0ba09906b0a3909b4dc91532b76729894efe6924abe65055ce9bd22f327d | n/a | | |
| 2022-10-20 | NHsVrBgNyHlzj.zip | unknown | 788158d21c13959af9a6683dd8e31ddef175c9b30ed6f6bee2a277536d78d1a1 | n/a | | |
| 2022-10-13 | oOBZiyDYzYtHyiqZq.zip | unknown | e396c9fe274eb5b9079731810201fe921cf209b79e170daffd04840039e05ebc | n/a | | |
| 2022-10-10 | P1989842941.zip | zip | e2024184a7ac1d8e596787d0380b650a00d302ef1a9158f68130e5e978d62130 | Virustotal results 18.46% | | Quakbot |
| 2022-09-30 | tapsxbiolVtueu1951302381.zip | zip | 82f933e062f430172a862c59f959af345da78d92119b93c9f3725fa04f3bcd0a | Virustotal results 1.59% | | |
| 2022-09-30 | G652312753.zip | zip | ab2818957eae36b1b49c5591ed16943ec6f179c49f9f445915562250c6dc8535 | Virustotal results 1.59% | | |
| 2022-09-29 | Gall105873942.zip | zip | 6033418995de12dcaa9bea72db8f46ff6db6a60c450ceb55d612085700f9f764 | Virustotal results 1.59% | | |
| 2022-09-28 | plKBDa.zip | unknown | c042d336b9203545e1cd5020ce9db38d84afa38292adad15f36a5285328e30d6 | n/a | | |
| 2022-09-28 | hUHPu.zip | unknown | ddfaca57bda116c17cc702a3b0897a480e7e4c35ac71bb16cf63e5fb174108f2 | n/a | | |