URLhaus Database

You are currently viewing the URLhaus database entry for https://mambulaocabletv.com/su/autaut.php which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2618091
URL: https://mambulaocabletv.com/su/autaut.php
URL Status:Offline
Host: mambulaocabletv.com
Date added:2023-04-25 17:03:09 UTC
Last online:2023-04-28 05:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-04-25 17:04:10 UTC to abuse{at}networktransit[dot]net)
Takedown time:2 days, 12 hours, 8 minutes Poor (down since 2023-04-28 05:12:25 UTC)
Tags:bb25 geofenced Qakbot link qbot link Quakbot link TR USA wsf zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-04-27Ecpd.zipzip d0dc3dbb699cf9d20dd9a073404d329804ed34858b742ffed28d646ce83fa5c7Virustotal results 24.19% Quakbot
2023-04-27Fjfs.zipzip 3e0eafe9f3aa027a52892a2cf92a5a261fc4f805ac5e7aaef581e67fe7e98557Virustotal results 11.29% Quakbot
2023-04-26X.zipzip 0e5606fa91945899e8045f1c77cc1124af4f7c66c85f7fba83281852586aae32n/a 
2023-04-26Cr.zipzip de5b9767436580ff28611e589a52d0bf115073e4e294d22af7b384f49f1ee824n/a Quakbot
2023-04-25Fr.zipzip 5067ff3cf48b3b23f73a300710aa647cb23f8e765841fedd7703b868119d01dcn/a 
2023-04-25Vb.zipzip f47e2d188a6c8d767ff2d617902adbd4a327ff7d10a8d69856253bd741347671Virustotal results 0.00%