URLhaus Database

You are currently viewing the URLhaus database entry for https://sahityaclasses.com/euti/fugalaborum.php which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2617807
URL:	https://sahityaclasses.com/euti/fugalaborum.php
URL Status:	Offline
Host:	sahityaclasses.com
Date added:	2023-04-25 12:59:13 UTC
Last online:	2023-04-28 01:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-04-25 13:01:38 UTC to abuse{at}godaddy[dot]com)
Takedown time:	2 days, 12 hours, 26 minutes (down since 2023-04-28 01:28:02 UTC)
Tags:	bb25 geofenced Qakbot qbot Quakbot TR USA wsf zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2023-04-27	D.zip	zip	914042e1991fc70d879f60768734164a95a55d6bee873f9a9ac666926df1e2e4	0.00%		Quakbot
2023-04-27	Hzub.zip	zip	f11f22566bde0afffb33e16dd443bf6a6c94cba0777ee8ee8c227370a55abfd3	n/a
2023-04-26	Tp.zip	zip	8a6a1e890a1767cc180ad84e9dd45b8394f33f7d3d6499dbd29603064422b4a4	n/a		Quakbot
2023-04-26	Fpio.zip	zip	3c1abb3d2e564b5be96e073e476761fceb5e98cb528cfe3de3bf62e84ac28a7a	0.00%
2023-04-25	Es.zip	zip	e51b5c47663aeb9d4fd429bd7f2a65979aee46165192ab654fce9cbc5ebf824d	n/a
2023-04-25	O.zip	zip	694e26c3ea2c1a2b9d918f04d2c0141a271f3e04f4832dfd0205a99eded466fc	n/a		Quakbot