URLhaus Database

You are currently viewing the URLhaus database entry for https://autoimporte.com.br/upe/lmotassiete which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2328592
URL: https://autoimporte.com.br/upe/lmotassiete
URL Status:Offline
Host: autoimporte.com.br
Date added:2022-09-30 20:20:26 UTC
Last online:2022-10-28 18:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-10-03 00:45:10 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:25 days, 18 hours, 11 minutes Bad (down since 2022-10-28 18:56:49 UTC)
Tags:bb Qakbot link qbot link Quakbot link TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-17QpFiY.zipunknown d27758fe165d0d00e247ba94d48361027e40919718fc020bc77b5683e98bc07cn/a 
2022-10-11O-1199855697.zipzip 0f363480ee383b099e42f62b11425a9d2dc8e1151473cab439fa9fbb78e8d414n/a 
2022-10-07R1692754971.zipzip 473a81b513fe75647b8b13e2a4ffbeae06393c638c0bfc552f3354d261d133e9Virustotal results 40.91% Quakbot
2022-10-05G1522431184.zipzip 28c36d4783c4a5ecfc7a3f4bcd9e5e5958901f52cbadbe82dab2e9f641334225n/a Quakbot
2022-10-03Card3433777837.zipzip d46fb5f2733a6575b0bd55371c5836adb3a711b2a6f03ff56e89c80a060206fdVirustotal results 1.61%