URLhaus Database

You are currently viewing the URLhaus database entry for https://autoimporte.com.br/upe/ettu which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2328604
URL: https://autoimporte.com.br/upe/ettu
URL Status:Offline
Host: autoimporte.com.br
Date added:2022-09-30 20:20:36 UTC
Last online:2022-10-27 07:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-10-02 20:28:10 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:24 days, 10 hours, 58 minutes Bad (down since 2022-10-27 07:26:57 UTC)
Tags:bb Qakbot link qbot link Quakbot link TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-18bJENSisecBanctm.zipunknown 8215cf5a0885937f29b1699ebbfc0a69b7fcdd05717ac2fd7f116af12020cb5bn/a 
2022-10-14AmnpAzWyFlLfrb.zipunknown a21325cc499db23b6ac8d9c0bac44c3f6607b1242f45627fa41b96de5a70c1e6n/a 
2022-10-09R634523900.zipzip f925bd2d4a29af5baae759caffbd7d2bdd2a47fe41be622db25007f6ba1e969aVirustotal results 49.23% 
2022-10-05Acc3346499895.zipzip 697a5c9236d6830d677d7b62d574e462f7662c67720e91755999e2cbec7db857Virustotal results 20.31% 
2022-10-02Card960166816.zipzip 1897e733080d20df658e36aa67effdeccb1e4ce7912ee6029e0b5da484d583afVirustotal results 3.17%