URLhaus Database

You are currently viewing the URLhaus database entry for https://autoimporte.com.br/upe/ulitemspnattvo which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2328648
URL:	https://autoimporte.com.br/upe/ulitemspnattvo
URL Status:	Offline
Host:	autoimporte.com.br
Date added:	2022-09-30 20:21:16 UTC
Last online:	2022-10-28 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-10-03 03:23:12 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:	25 days, 13 hours, 39 minutes (down since 2022-10-28 17:02:25 UTC)
Tags:	bb Qakbot qbot Quakbot TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-19	jhEFShhaaDDBnB.zip	unknown	21250c6a77e4a685d64dbf4b4e3feb49958be060ee5ebb8bb8df3da552c7d200	n/a
2022-10-14	uSQXLV.zip	unknown	ea24a3c915fb21ee63e4cca90a6eee0e631f0021d2eb7e58dd724014981a1659	n/a
2022-10-09	R2312365528.zip	zip	424f2f4277b8c4907062e35a32b280c77d2d1a3abaaf25bc754f8c120910278f	45.45%		Quakbot
2022-10-08	G2202539521.zip	zip	862af059c440393e0179d7486defb542d0915374785e36ee8478712481face4a	43.94%		Quakbot
2022-10-04	bsXKqwkuGnGaD.zip	unknown	1c6ad202d76d29e35ca3a2174a8223a1d9adf59dc339af2bd1bfa4be73dee6b3	n/a
2022-10-03	Card964683231.zip	zip	2609242e402123bab9e703cec41546261ca2c46dbcdeda017926316b43dc0e61	1.61%