URLhaus Database

You are currently viewing the URLhaus database entry for https://prauditores.com/ut/detoorel which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2339598
URL: https://prauditores.com/ut/detoorel
URL Status:Offline
Host: prauditores.com
Date added:2022-09-30 21:53:19 UTC
Last online:2022-11-29 03:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-10-02 15:31:15 UTC to abuse{at}bluehost[dot]com)
Takedown time:1 month, 27 days, 12 hours, 24 minutes Bad (down since 2022-11-29 03:55:53 UTC)
Tags:bb Qakbot link qbot link Quakbot link TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-11-19fYYAuuqCqsXXbFdRcQE.zipunknown 56e12575362cedfaacc12f79c98298e70a6cfdb759622b66527016f64af6194an/a 
2022-10-25KOAAiSmlBJLZs.zipunknown 344b5734ca9acd26e9375fc4e5bfa213a108b8060d8af721ffc689ba7a4a1bdan/a 
2022-10-17MpnuTAH.zipunknown 71a31af9567a8374203a612e984fdd620a93f439bf9b3e84cdd8d5d5c20acc5en/a 
2022-10-14YeKVesuKcqePHL.zipunknown 847e48a7f841ed2b17298491421ade5ea692043e3bd434054c577b9ee36d4231n/a 
2022-10-08Co2271280432.zipzip c4a1c0eb3515756784eedc51be112460fb941b51c43ee5787363aa941778fe71Virustotal results 48.48% Quakbot
2022-10-02CA4020625523.zipzip f8d444b62fa89f361af66bda9ce9858b3076cfb92f0f489592a9c3033ebb7c36Virustotal results 1.61%