URLhaus Database

You are currently viewing the URLhaus database entry for https://prauditores.com/ut/iqniu which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2339820
URL:	https://prauditores.com/ut/iqniu
URL Status:	Offline
Host:	prauditores.com
Date added:	2022-09-30 21:54:15 UTC
Last online:	2022-12-01 14:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-10-01 15:47:15 UTC to abuse{at}bluehost[dot]com)
Takedown time:	2 months, 0 days, 22 hours, 50 minutes (down since 2022-12-01 14:38:14 UTC)
Tags:	bb Qakbot qbot Quakbot TR U492 zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2022-11-28	SLKuGsiilmCaeGhFfx.zip	unknown	149b844f96de3f22463a36d70ec47ec65b255b5ae5d2ac80603fbc0f95e7c755	n/a
2022-11-22	aZxzGUhIvgYlq.zip	unknown	2451c72a03c59a9e620448528e5610833947bbd8760961b6b943bee59d38a8a8	n/a
2022-11-18	DsIjZT.zip	unknown	09fec618fe638dba7b97c8ab4ed27752b3c37cd133093128884f6322009cde44	n/a
2022-11-03	NbAgPxDU.zip	unknown	0fe84a5886627df9e2169e359907ffe60ba25520cb759781e9ccbc2d0498ffc1	n/a
2022-10-27	ZzXtPazApPHMwLKXq.zip	unknown	bdd5ce83dfe571dace3a5271faf26de62776b5925150f70843d469f015c69546	n/a
2022-10-22	mMXIiB.zip	unknown	2cddb02680945bdc2d4bb39d134cea7058f5a40a958b9c605fdd1d0e08b969da	n/a
2022-10-15	OJWDpcsoXzBuk.zip	unknown	11ae91cd434f18beb78dcc163a53880bf5e6d01ef1f556a2ba7f8fe63be295aa	n/a
2022-10-14	tgoEEtpdHsDiSKj.zip	unknown	2951e729522c0214b9f771b25c1acc7518d722baefadcf2fb4f37b29b976fcfb	n/a
2022-10-09	R2634740497.zip	zip	24b1b6ef4a7dcd0c0a1371b47e5144bfa263a6db25800d7bf98ee643af94a7c0	36.36%		Quakbot
2022-10-08	R1126491580.zip	zip	18ddfcd380676ecc32406ca15bcf3f66dfcfabbeaf3519c24705ad10bdec79ed	40.91%		Quakbot
2022-10-05	CA2622552181.zip	zip	7335dfde58f45ccb34c769bd8e21a7674c447362e64cb16dd60f226bc6e7d953	19.70%		Quakbot
2022-10-01	CA60352766.zip	zip	c4295a1224da2e9d5c89a19dd479a28609cc0b5d79a8b649f14b4f3baf9425a4	4.84%