URLhaus Database

You are currently viewing the URLhaus database entry for https://autoimporte.com.br/upe/odirqueosl which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2328532
URL: https://autoimporte.com.br/upe/odirqueosl
URL Status:Offline
Host: autoimporte.com.br
Date added:2022-09-30 20:20:17 UTC
Last online:2022-10-27 14:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-10-02 20:15:12 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:24 days, 17 hours, 50 minutes Bad (down since 2022-10-27 14:06:05 UTC)
Tags:bb Qakbot link qbot link Quakbot link TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-17bynQBZA.zipunknown ef1c9bd364a802ede28427282cb0b4520a559c7d05c675532032a3f43fe3a0c4n/a 
2022-10-14fHSNNHFdpTMvWBpbq.zipunknown 2ee0cc4b6686222ae2f233205d43e5e8029e63c31e0ac1773281f84b7b8b27den/a 
2022-10-09Co463037632.zipzip e6c44ee63bb018137704d1d8e074c71040c6dc5269bd491b37b790e7f717ed0aVirustotal results 49.23% Quakbot
2022-10-04R1750521796.zipzip 2d7e85baad89fcbd28aaa0ed11f4fdf4ef9c890e04fd0dba07ca39e4f2e4fd87Virustotal results 6.35% 
2022-10-02Card2339845270.zipzip 7e3e81a5555912646022f5b5cf63a34e48068970d49e69a1c47053333dc2713cVirustotal results 0.00%