URLhaus Database

You are currently viewing the URLhaus database entry for https://ugssecurity.com/ill/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2625326
URL:	https://ugssecurity.com/ill/
URL Status:	Offline
Host:	ugssecurity.com
Date added:	2023-05-05 14:13:22 UTC
Last online:	2023-05-07 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-05 17:52:05 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:	2 days, 3 hours, 17 minutes (down since 2023-05-07 21:09:42 UTC)
Tags:	BB26 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-07	Duqrwfrs.zip	zip	7951ea26eda46b020e4ae4b05d18c9591a9f2dff1c4f6c04a5388c068acb2f9c	4.92%	Quakbot
2023-05-07	Dkmd.zip	zip	e461a4a1362777adb4c106301af159d0345c4ceae6b58862b66fae9e42cac951	4.92%	Quakbot
2023-05-07	Hodte.zip	zip	8840c53712721f54c83b3095133691c48805cbc46ccf456ea486efc775c7281b	8.33%	Quakbot
2023-05-07	Hqxdzt.zip	zip	bb1cae071f4e5c38a3b82204c72d29d592247e28428960ed0768c1ebb3908162	26.67%	Quakbot
2023-05-07	Sxtymcfx.zip	zip	9d6c2b0c97a0c231fb2eeee7c0c5291799ee16b4e3d46898bbaf577c6b480dc9	24.59%	Quakbot
2023-05-07	Tptal.zip	zip	7570590eb798e21d921c4b236bc5cb0b53808a95e16fd8d535c7d0d7b13a9c16	8.20%	Quakbot
2023-05-07	Aghmbe.zip	zip	2ca7cc9b03266bd06ddc6bcdff4eddcee51618581408f8a8fc6d8c7736a1c66c	5.08%	Quakbot
2023-05-07	Htuw.zip	zip	c1cbdc0d2aaa1d24373ae9ec16c1128a5f6f49d3d657808b4e3131e4b4d86630	8.47%	Quakbot
2023-05-07	Upijk.zip	zip	6ee9850e17d34115d2ab3677500ff793bac54e223346a6be935ab0a975dedb3d	5.08%	Quakbot
2023-05-07	Uyjo.zip	zip	fc4d23096a19594d60f02f4f1bec7379b6627917d9f99535bc59dfdd9a2d19b3	8.20%	Quakbot
2023-05-07	Dimeoioi.zip	zip	eba95b7cbca54f9b76200d8dc96eaa960f54b774d1fb4e80545e78eb8df53e4c	4.92%	Quakbot
2023-05-06	Sxkrdftu.zip	zip	23fab9359ca6d220af47017deb10c5932e6334bfb6234ba9e181e80ab1d6bcb1	5.00%	Quakbot
2023-05-06	Rawl.zip	zip	9f8d93267c94aff62a5e4dc037612ed28032f1a5910b62b3e6e604ad55a2c8e3	4.92%	Quakbot
2023-05-06	Bmjmqptk.zip	zip	e90f048fe4298b51374190bef3ba6e56ed58b39675f8dd2074a9fee950ec28c4	4.92%	Quakbot
2023-05-06	Fuweah.zip	zip	52fdba6a57bb53b2a238ab6ed5aff9ae594d7b1a7b6cfdfab71ed29c4141dd6f	5.00%	Quakbot
2023-05-06	Nlsin.zip	zip	38c56cb096880580a44d72fd7ce8f90ad1e93083766acd180192515fc328fdaa	4.92%	Quakbot
2023-05-06	Dcebhf.zip	zip	611e4e696208140ecb8fb80ec2dce8bd5a86ea7647771705b7850777cf1ca8da	4.92%	Quakbot
2023-05-06	Xdfpmnyv.zip	zip	867101ad83bddf6911db0cfa89cec06b9feea601ad74b822343f61175de7e87a	4.92%	Quakbot
2023-05-06	Cwrcdhzm.zip	zip	9f74f37644802bf0ef0614687d6be760f4fcbfc88ecefaafbdce6813bfaa7082	4.92%	Quakbot
2023-05-06	Lqlfj.zip	zip	a55fc3ead50442fa1958d0348b36711140d2a6ca197b9313aec69f023c9bca00	5.00%	Quakbot
2023-05-06	Tyqlgeo.zip	zip	f549c953232c0459328011d05e38115f6c95fd58d90100a033c3027aa2ae1e6d	1.69%	Quakbot
2023-05-06	Mdqf.zip	zip	857f789b93d5c55c86e90847f6f0a51286b3795e9ffe69d5b7098457a9b61057	4.92%	Quakbot
2023-05-06	Ujyyxnvs.zip	zip	7b6d42fe3f916b8d84dd1f14a4ba441741875e9409ad322ee4e73e7d8f00e9e1	8.20%	Quakbot
2023-05-06	Cgfpyze.zip	zip	9e2b45ec4c21134ac51b46deff75e823cc9465956d76a120f881c2957056dba2	4.92%	Quakbot
2023-05-06	Bsoeyn.zip	zip	fb1922ab2347a918324f8f719a60332337c8da9beef6699d494449c5f1d59d51	4.92%	Quakbot
2023-05-05	Divml.zip	zip	c7c20452735deb5b45e7a26fbe1602ffd9d87b8a776060989ee11634beba8e57	4.92%	Quakbot
2023-05-05	Cllije.zip	zip	ec56df692113fa834eb0e9611b7a3b5b6e8a7144bc133b882f66ed6f427ad1e7	8.20%	Quakbot
2023-05-05	Wdnivy.zip	zip	c190530dcb41ed76e796a1fdaf02623df3f71d4906e1ce5c46f61a8fb76adcf4	4.92%	Quakbot
2023-05-05	Aqvosoh.zip	zip	0a4ad8dbc3578dd6e3a3b2c9345ec87fde5f7880bdc7b67bd613addd3e19b808	5.00%	Quakbot
2023-05-05	Nyxva.zip	zip	a6338a719a0e7a7b50bf61470f41364b38e6a3569a93697618571555fd8b2abc	n/a	Quakbot