URLhaus Database

You are currently viewing the URLhaus database entry for http://emoto.mk/purple/rain.zip which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2619991
URL:	http://emoto.mk/purple/rain.zip
URL Status:	Offline
Host:	emoto.mk
Date added:	2023-04-28 12:31:13 UTC
Last online:	2025-10-03 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2025-10-03 11:44:11 UTC to abuse{at}hetzner[dot]com)
Takedown time:	3 years, 1 months, 16 days, 13 hours, 18 minutes (down since 2026-05-29 01:50:34 UTC)
Tags:	geofenced obama258 Qakbot qbot Quakbot USA wsf zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-03	rain.zip	html	00be7f643a12ac2221c9ba8df4fb34b3701c336fa830d24fe906c55364ef7b35	22.58%
2023-04-29	rain.zip	zip	035b155df1232e363ddbbc75f3317a13fbfcae5aa430becea1cafdb8cfbe1219	13.11%		Quakbot
2023-04-29	rain.zip	zip	a2bfc19da3c302e399c796f5c51d3a2afecec0f15512cb144776e75fb4566e6d	n/a		Quakbot
2023-04-29	rain.zip	zip	15482cce867f50161cb7e0c70862b17aa6504326b6d86da1efb8639128158be7	9.68%		Quakbot
2023-04-29	rain.zip	zip	c1de477556fb8a58080674449838de861ab6c323d19cc6f92e38d5d798b38554	n/a		Quakbot
2023-04-29	rain.zip	zip	5809bb51b71606b476b71f08b365c402294f07c62466b478be1a8d3dc6d97d12	n/a		Quakbot
2023-04-29	rain.zip	zip	7c6be2da887c564fc056b9e6085d431ff0a26d0cc3d24b250a50c927ca9539b9	n/a		Quakbot
2023-04-29	rain.zip	zip	4b4690ae6706208c54318b9aa231e752ba0f99bf317fc7f8183a6966f3bd4f5b	n/a		Quakbot
2023-04-29	rain.zip	zip	78a8f5725f1a68d674c34e3d69f1a42b68b0ed6e18224c60dfbda00f973d0428	n/a		Quakbot
2023-04-29	rain.zip	zip	7c19f4cf0ebff720f4602b5840e395871e4ba5e22bd4b2dda77fc666457c6ddd	11.29%		Quakbot
2023-04-28	rain.zip	zip	485f7288dbf23ec30e20411959698b12627ef60661498ece1ad218e63c9a3c39	n/a		Quakbot
2023-04-28	rain.zip	zip	ab2b510dd8ca6a800d23ec5437a5de6235204e95c7180d51b12a87dcf23324ef	n/a		Quakbot
2023-04-28	rain.zip	zip	9cffad3fd872af32e7ddc1cf8f8fc6ea0b8c7b2acd452360338c4f7b8cf5a7b8	n/a		Quakbot
2023-04-28	rain.zip	zip	44738f15cf8ba446cfc43f8c416489b7de284e3438f1f536ff2af0aa72e567ec	n/a		Quakbot
2023-04-28	rain.zip	zip	a58b1a50f58e6ca4a624c05cb5c954e116e1a9f3f053ad5722755e2a160a3f83	n/a
2023-04-28	rain.zip	zip	489c6cf25e2ce484dada0db317d58acc61f7257a37cbc6f658a3db16a27d2692	n/a		Quakbot