URLhaus Database

You are currently viewing the URLhaus database entry for https://safes-endocrine.com/opu/opu.php which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2604611
URL: https://safes-endocrine.com/opu/opu.php
URL Status:Offline
Host: safes-endocrine.com
Date added:2023-04-10 16:21:14 UTC
Last online:2023-04-13 05:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-04-10 16:22:15 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 12 hours, 39 minutes Poor (down since 2023-04-13 05:02:09 UTC)
Tags:BB23 geofenced Qakbot link qbot link Quakbot link R89 TR USA wsf zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-04-12Jgo.zipzip deaec0042a1eb6222df8df6466fe015902ec57ec05e0bb12b7647dbc19b9b36dn/a 
2023-04-12Aob.zipzip 7d84f97b29d422b3ab22d6ad35d6bdff4f27e296db3285f0275279d3dc767bcdn/a Quakbot
2023-04-11S.zipzip d8c6fdabcb99cbc19a75d8573b828f2bb0b64d0b59d61808c24500e54ca5c222n/a 
2023-04-11Bly.zipzip 8597741f7058915c28a5ba935b187b9fc78215420c509915cbee30e3bb60f50cn/a 
2023-04-10I.zipzip a99480f3d77063b33ae122f3ae009725806ba5e84a45bc5f5a8b0cbb97b94cebn/a 
2023-04-10Hxhv.zipzip 22bc1df3ba3998e6bb642f5e45e1bdf8a7710920d7d7dfa6d41db56d7c930935n/a