URLhaus Database

You are currently viewing the URLhaus database entry for https://autoimporte.com.br/upe/desit which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2328612
URL: https://autoimporte.com.br/upe/desit
URL Status:Offline
Host: autoimporte.com.br
Date added:2022-09-30 20:20:41 UTC
Last online:2022-10-28 10:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-10-02 14:18:09 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:25 days, 19 hours, 42 minutes Bad (down since 2022-10-28 10:00:38 UTC)
Tags:bb Qakbot link qbot link Quakbot link TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-16OMooDd.zipunknown 2ae4bffccc2800d48af2f0655a36fb54c2a78330586b2d30400af1485b3fd0f3n/a 
2022-10-13KGevmi.zipunknown 9d978c77d92f9c9688eea994502c71e6e2adddbbddb4216a17cc078edbbe5b43n/a 
2022-10-10R225156728.zipzip 9b6fbdb1717bbe38a6b9c782f1733ef75c913dd00dfa73afe999ec2dbd5fbbd3Virustotal results 45.45% Quakbot
2022-10-03seltanoiirAa1323107855.zipzip 56cf41f5bc450938ea51d989efee4894199a4b9d2f0d952edc716e0d35657c7an/a 
2022-10-02C3851642490.zipzip 6e51842a9e41832b9df626972e74213c63d3414b25b17c930fe77b1843b63c67Virustotal results 3.39%