URLhaus Database

You are currently viewing the URLhaus database entry for https://bodybuildingsupplementzone.com/esu/suntvoluptas.php which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2617772
URL: https://bodybuildingsupplementzone.com/esu/suntvoluptas.php
URL Status:Offline
Host: bodybuildingsupplementzone.com
Date added:2023-04-25 12:58:31 UTC
Last online:2023-04-28 01:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-04-25 13:00:27 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 12 hours, 11 minutes Poor (down since 2023-04-28 01:12:04 UTC)
Tags:bb25 geofenced Qakbot link qbot link Quakbot link TR USA wsf zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-04-27Si.zipzip 5c88205a2567daad9e6691214bb3c46b410ee6d4e7b8bdf543eee0ca2937a74an/a Quakbot
2023-04-27Pid.zipzip 07589178a3c8648544233d81956aaa87ac9d609da73a9aa27e18700261fef1f2Virustotal results 22.58% Quakbot
2023-04-26Yzm.zipzip 7eb5b51390fc6d0808270529181febe49253a9b9e02dba4f7f8dac6abd99a9b8n/a 
2023-04-26Rn.zipzip 373dbf48f7262af68dc3dd7c80d2f9268e3f4742c3d064cbf7f199e0259d31ban/a 
2023-04-25Shyx.zipzip 1638156bb4857dea2beff68f21d17b4ef22610d0a79aa992a48b120059ee3e50n/a Quakbot
2023-04-25Vm.zipzip 8e92c3523ed0f41a2180a3f30df247a2a5c432e31b6d4fe46855deb18ec5d1f2n/a Quakbot