URLhaus Database

You are currently viewing the URLhaus database entry for https://autoimporte.com.br/upe/liqurouodam which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2328548
URL:	https://autoimporte.com.br/upe/liqurouodam
URL Status:	Offline
Host:	autoimporte.com.br
Date added:	2022-09-30 20:20:19 UTC
Last online:	2022-10-29 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-10-02 11:11:09 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:	26 days, 21 hours, 13 minutes (down since 2022-10-29 08:25:07 UTC)
Tags:	bb Qakbot qbot Quakbot TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-20	vXqbbNKIoCb.zip	unknown	8a5216429cceb4807e72ceff961a61c7e8c7421918486912d704ee1e9b035637	n/a
2022-10-13	ZmNbexmU.zip	unknown	25c6dfbfaf128c38abff9a28a492b1bdc4563632ae6291e16c94c58ee06fbef6	n/a
2022-10-09	Co757048012.zip	zip	3663ad724ab8608542a7da9cdc15937ede6bb51d399fb5dee7b765c406677150	40.91%		Quakbot
2022-10-08	R3477508295.zip	zip	a9139bd249128aadb9df47450546799a289d089c8eb544cdc6f977237df12142	48.48%		Quakbot
2022-10-05	AC2176762205.zip	zip	b8833ad8fc298c4c35bae3b23ef15462f608bf19878f02450222e35373b3a023	n/a
2022-10-02	Card940643178.zip	zip	285bdffcb79ec841366abadeb52525f3ffa261b61292f14129b68a3ba1b02354	1.59%