URLhaus Database

You are currently viewing the URLhaus database entry for https://autoimporte.com.br/upe/tseeum which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2328577
URL: https://autoimporte.com.br/upe/tseeum
URL Status:Offline
Host: autoimporte.com.br
Date added:2022-09-30 20:20:24 UTC
Last online:2022-10-25 23:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-10-01 20:32:08 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:24 days, 2 hours, 45 minutes Bad (down since 2022-10-25 23:17:45 UTC)
Tags:bb Qakbot link qbot link Quakbot link TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-18BSTWCVbyozGGEGIgqR.zipunknown da1d736edeffd32c240ee41e26b9a64373dd548192c7cb0486038a5557a66aadn/a 
2022-10-11O_131065002.zipzip 8feed71f3bbddeaa7de212d961bec964a5817298491195575eb22ce03bfafa51n/a 
2022-10-09R2689404276.zipzip e17425ecac67199fa83f0051023ef2a1012e69b265499b2a0fc2d3619d6fc7fdVirustotal results 45.45% Quakbot
2022-10-04Co2681968489.zipzip da673b1ccbf860ad32bda7c68d3ea1c8bda95f558c861323ec11cd1d7d9bf9beVirustotal results 4.92% 
2022-10-01CA2040370808.zipzip 8fc02c93a509eeb0b425e24547d02e7e613bc8654ebed20d8a2e5bc322f98313Virustotal results 3.17%