URLhaus Database

You are currently viewing the URLhaus database entry for https://meditourz.com/ousl/ooemrrlerrod which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2337388
URL:	https://meditourz.com/ousl/ooemrrlerrod
URL Status:	Offline
Host:	meditourz.com
Date added:	2022-09-30 21:30:27 UTC
Last online:	2022-11-21 01:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-10-03 08:19:11 UTC to abuse{at}hostgator[dot]com)
Takedown time:	1 month, 18 days, 16 hours, 52 minutes (down since 2022-11-21 01:11:30 UTC)
Tags:	bb Qakbot qbot Quakbot TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-25	PZNTvkRbvd.zip	unknown	4ee657b67b5f43d9ebb6967252fb65f4df1967cbcbfc49b8a728c2234715a12e	n/a
2022-10-17	fyqeUDlHHOgCPj.zip	unknown	0faa594359b9a347e3131e7e32dec74c8fa8850747fcbf25459c7bb5b3774419	n/a
2022-10-14	Ijcm.zip	unknown	a7fd39e9479a0fc483f10a13cc0b52a1e88f880c3c9acaced60e383c8a2013d0	n/a
2022-10-10	NE4193953827.zip	zip	2330209dffaf9ca6199da80772238a94079d37c8178afb0bf9ba59babffee4d9	n/a
2022-10-08	Co505966204.zip	zip	3c14df1ceef9ebcdb64d3857b947f58139e4fd6f00774600e8053cbcc2da6436	48.48%		Quakbot
2022-10-04	Co4210762858.zip	zip	98577f073bc2acc55f0461e71147e00a4d3f2b298dc04026f9ae6f64c63c918f	3.17%
2022-10-03	UyuhVmI.zip	unknown	da13c3515c42dbb5a964c8113baf2d1b104331c4e69a47f549e73cbba4171bda	n/a