URLhaus Database

You are currently viewing the URLhaus database entry for https://picc-penang.com/ridf/modimolestiae.php, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 2618225
URL: https://picc-penang.com/ridf/modimolestiae.php
URL Status: Offline
Host: picc-penang.com
Date added: 2023-04-25 17:22:10 UTC
Last online: 2023-04-28 05:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-04-25 17:23:20 UTC to abuse_dci{at}tm[dot]com[dot]my)
Takedown time: 2 days, 12 hours, 8 minutes (Poor; down since 2023-04-28 05:32:09 UTC)
Tags: bb25, geofenced, Qakbot, qbot, Quakbot, TR, USA, wsf, zip

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature |
|---|---|---|---|---|---|---|
| 2023-04-27 | L.zip | zip | 0df2eb834878942b5311bc765d88d9cba3495119f8c0b6de931ff49fffe2092b | Virustotal results 0.00% | | Quakbot |
| 2023-04-27 | Fyjv.zip | zip | 0c33a8e52fea28735aca31f4001e7d9e2c453e6a5a685111baeffca55deed96f | Virustotal results 9.68% | | Quakbot |
| 2023-04-26 | N.zip | zip | 74adeb495d3452bb4a81732f6b6fa24625fad0fc2bc7c3b2afbaaa2d2d837373 | n/a | | Quakbot |
| 2023-04-26 | Ebfk.zip | zip | f693e5308d68b62718d960972739f1ac7d91ac081aee1285917cd49407ecd972 | n/a | | Quakbot |
| 2023-04-25 | Dek.zip | zip | 66fc139dee06972b1cb0a55240093c0271f1489d5379962b7ac2eecc5dbf33b4 | n/a | | Quakbot |
| 2023-04-25 | Eaof.zip | zip | 71eff7819fd3ebfb58ffa5af2a0917fb644c4d6ce97843ccb737eb182bcd3728 | Virustotal results 3.28% | | Quakbot |