URLhaus Database

You are currently viewing the URLhaus database entry for https://meditourz.com/ousl/nasrvdsemoeau which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2337415
URL:	https://meditourz.com/ousl/nasrvdsemoeau
URL Status:	Offline
Host:	meditourz.com
Date added:	2022-09-30 21:30:33 UTC
Last online:	2022-11-02 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-09-30 21:31:15 UTC to abuse{at}hostgator[dot]com)
Takedown time:	1 month, 2 days, 12 hours, 49 minutes (down since 2022-11-02 10:20:45 UTC)
Tags:	bb Qakbot qbot Quakbot TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-10-28	LobYHmH.zip	unknown	3a2bbb53210e790d7ad7154d1c5565a8be7ab696cd4786ef3856cd9d266600a1	n/a
2022-10-16	fyLGKqqe.zip	unknown	a7b69a0989da28fb3a6a874d6aa155dd29a1eabc6c1c9b2cab8f9fa0c4c4ce78	n/a
2022-10-13	eThbHyXjYJ.zip	unknown	966382f5c2b16b7da8611fe1929773f46ca586916ff72d027030ca3889e7840f	n/a
2022-10-09	R337074018.zip	zip	7407cf78ee44e579ac0a7a6d02e378efdd09fe20a39284754007c149bb70e177	46.97%		Quakbot
2022-10-08	Co943431929.zip	zip	f63a6b7e036c0ec28d8c30758b9fcef61dd88a3768bc9a1c12237f60f16eab40	47.46%		Quakbot
2022-10-02	Reiciendissed2463554948.zip	zip	de0db70f99a689ee87845f2d0be7b05e14d415f5b8d3ac16033f9d24a8fde782	3.17%
2022-09-30	Card38067631.zip	zip	1c0faf4eadd9963565fd98d13a15e0616b105369103620c9df8528a98a589e52	n/a