URLhaus Database

You are currently viewing the URLhaus database entry for https://menuazores.com/iut/qbot.zip which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2396100
URL:	https://menuazores.com/iut/qbot.zip
URL Status:	Offline
Host:	menuazores.com
Date added:	2022-11-02 01:57:12 UTC
Last online:	2022-11-27 12:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-11-21 04:28:08 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	25 days, 10 hours, 8 minutes (down since 2022-11-27 12:11:17 UTC)
Tags:	BB05 BV1 iso Qakbot qbot Quakbot TR zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2022-11-21	M2.zip	zip	b55aac8a6d5dabcfd1be4a3b7615e51a3c4f88226e182153b6e83a4c394b4ba7	0.00%
2022-11-15	CA370910171.zip	zip	78c2ba505ec928359adddae67aac74a0a58e52f9909ce6d1a9665c5637b1e843	n/a
2022-11-15	pdf10.zip	zip	a3ad1540b20079d82336621c5c9aee4d4d7be279b192be2a53262aa4e1cd1e49	n/a
2022-11-14	k5.zip	zip	35eb71d29395225d657afed251123304a1bd151726946b1d85abac30a5091c1d	3.12%
2022-11-10	i9.zip	zip	a1987fc0841d88c6ad8029ee00787824ecf7f0e1f231c39d26caa791c87dc25a	4.92%
2022-11-08	k5.zip	zip	690b97f34491e108b2393d5ac37cdf479976822bb16c4bd355e4d459b3f71cdf	15.87%
2022-11-02	IT9.zip	zip	4635e2515b64830285a85a3aafbd4981cd27471a88ed5a6d53bab3c1269adfe3	3.12%