URLhaus Database

You are currently viewing the URLhaus database entry for https://meditourz.com/ousl/teeevneimat which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2337344
URL:	https://meditourz.com/ousl/teeevneimat
URL Status:	Offline
Host:	meditourz.com
Date added:	2022-09-30 21:30:16 UTC
Last online:	2022-11-17 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-10-02 16:10:14 UTC to abuse{at}hostgator[dot]com)
Takedown time:	1 month, 15 days, 21 hours, 35 minutes (down since 2022-11-17 13:45:56 UTC)
Tags:	bb Qakbot qbot Quakbot TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-30	ecjEgvJBdM.zip	unknown	0d381e6ec1ae62a526c529ac160633022aa15e701bf3ea39f4e0eb0d3812e976	n/a
2022-10-21	Xfcdca.zip	unknown	c0ef80c07bf10b47f9444beb8ab868e105f19a704a95a43f9ff8f6b0ef380954	n/a
2022-10-18	bkwzUEO.zip	unknown	70a77e7f9a2088a8b6974a109513b707b354a57f911b44e4c93b7344eb7e161e	n/a
2022-10-14	jpaQ.zip	unknown	aaa3f62633da7dc65bc2f710774cb386f1dfeb871fad5555f30bdad2cf52c59a	n/a
2022-10-08	R478503545.zip	zip	2f90a5ab3e7217ea28791347ec825917b85c05e5be2d9be8a6f6c685551d8aaf	42.42%		Quakbot
2022-10-03	R3041941591.zip	zip	44d5d0ef37ac93f7d5b7293e234bf266078d8945100005f4a994285719c964f5	n/a
2022-10-02	C2166078179.zip	zip	47b562fe9ecb0d9f3971c6586e5b94283382a38602be5e42f1684ff991514a08	1.67%