URLhaus Database

You are currently viewing the URLhaus database entry for https://paaru.org/tm/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2625533
URL:	https://paaru.org/tm/
URL Status:	Offline
Host:	paaru.org
Date added:	2023-05-05 14:14:15 UTC
Last online:	2023-05-07 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-05 14:18:48 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 7 hours, 46 minutes (down since 2023-05-07 22:04:49 UTC)
Tags:	BB26 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-07	Wybsbs.zip	zip	1d4360b5c644a1569a8ab41a5cc2fbc24628d8d79a3e53670382bf46e03503e1	4.92%	Quakbot
2023-05-07	Qnrhhzi.zip	zip	32bde2768ab60e6477571f6a639acb188768112eeb8da36522b528c17e24038a	5.00%	Quakbot
2023-05-07	Wrsipk.zip	zip	b187fe28d240399e22e83a084e3a1fb31bab88966cdcfb83289a6834cec1969e	4.92%	Quakbot
2023-05-07	Vjqfhjcc.zip	zip	b2099585ccc2d44b2ac6dabffd23655e0e6f478bfae4d7aaf952683649d0ec97	4.92%	Quakbot
2023-05-07	Vruxdp.zip	zip	3af21324f15bd76c01c42e46531e0d6685795c4dc67964468b3f783e9dab689a	4.92%	Quakbot
2023-05-07	Ehdb.zip	zip	818b60c9367018628320a5249b6101b7d723c30cc9306b687e9bddf642f3c59f	4.92%	Quakbot
2023-05-07	Nepkns.zip	zip	d582fe9bb08f8f2dd235d79cfa752720dcbefa9a141e460868585691e8256960	4.92%	Quakbot
2023-05-07	Ujmwdjf.zip	zip	a43fb70533906e9260d28882c6eeeca16aa78130469be2bedca08fd76f6677b0	5.00%	Quakbot
2023-05-07	Dagr.zip	zip	d84dd812f1f2400a76efc8f958c6430ec43ed6792d541d81db6efa0b63603b92	8.20%	Quakbot
2023-05-07	Hgkkrety.zip	zip	8cb0e99aa4d6a31ae0304b831323bd4a1cca29311b3d3891469ddcd2bfb65bab	8.20%	Quakbot
2023-05-07	Aaeywz.zip	zip	f5a9fcc85d59d0d6b4b31587d912d5b7a7f7f47338eb0aa46fcc7e4600f3afc2	4.92%	Quakbot
2023-05-07	Ngfrgu.zip	zip	20ddeb07a0f3e86311410edd2f507f425ea3c9a947f0ddad667648427bbee3f5	5.08%	Quakbot
2023-05-06	Mkib.zip	zip	b0a0472ced2b7d32ed1223a2476b431ea6afb370e3a32dc85f3cbae85785c6dd	8.20%	Quakbot
2023-05-06	Dhci.zip	zip	98b821c66a127846bf6efbda35f547a4ade7cf2be78cb055d93f843b3a5fc79b	5.08%	Quakbot
2023-05-06	Qoud.zip	zip	d866882efb4175a039e7ce82c91bfc2b3b10af063607273ee5d664dcec98417f	4.92%	Quakbot
2023-05-06	Jvje.zip	zip	a882ab541d36d9d6eead9e720f22904d17d3aaec460eab09cc64ad0711f3e204	5.08%	Quakbot
2023-05-06	Rxqa.zip	zip	2ca7cc9b03266bd06ddc6bcdff4eddcee51618581408f8a8fc6d8c7736a1c66c	5.08%	Quakbot
2023-05-06	Jwmwqxfl.zip	zip	c190530dcb41ed76e796a1fdaf02623df3f71d4906e1ce5c46f61a8fb76adcf4	4.92%	Quakbot
2023-05-06	Syksexpg.zip	zip	7e7097c25ba0059b6075e4a1921f7f92a62380a557300946ee3a6da33bab6d81	8.20%	Quakbot
2023-05-06	Bvcqfu.zip	zip	b70f066530253a90812a2791faa4fba0b6005f70081c59bfcbbc6219bc5f66cb	4.92%	Quakbot
2023-05-06	Mtytdce.zip	zip	3c02b0de789e0e5b8d385db457f9cddde4eb4826bcac273473338f8c10665359	10.00%	Quakbot
2023-05-06	Jglwmf.zip	zip	129b90bd04fa9fe079447f49e7bd193453c889b7990b897061aef4ca877cc144	5.00%	Quakbot
2023-05-06	Rkwz.zip	zip	4ec87bc058cca2a52ac094466508ca892efe311df016afbb8eee291eeb653b27	4.92%	Quakbot
2023-05-06	Ehvwt.zip	zip	60fe71d42541dc608ec90caa355b6039f757305f548ef53df5ddeead90f986b0	4.92%	Quakbot
2023-05-06	Eulc.zip	zip	48ed459e01a78f51364d811f671785e429b2f079d917c7162faea7cbeed1d2e0	5.00%	Quakbot
2023-05-06	Cfpvbnd.zip	zip	93285fca62100095c90a37a1844921275f8f1507e9c622084f4342040c844760	4.92%	Quakbot
2023-05-05	Dlypmo.zip	zip	0b8ccbe570ca417390dab04b3acac1c35578b2cc7488a339f1f36770f3f578b9	4.92%	Quakbot
2023-05-05	Slacsnwo.zip	zip	dec43d50043485d0a48b65c5f70b04b5fac30c74fa6e09df91d6c4a3b6392b1d	5.08%	Quakbot
2023-05-05	Jnhau.zip	zip	ecd978d2649fc97cbbec4aa9ca194f9d238f231c2521908c2f6ee1f2498ef696	4.92%	Quakbot
2023-05-05	Ghwtjq.zip	zip	59aec6c101681a4ef54cb6339679bf38c072e641e78270f41300c6e84dd5b50c	6.56%	Quakbot
2023-05-05	Pbbfxr.zip	zip	012ad1e0674f60de3bbd363e27c942adf8db95eef4cf92be82ea26b31128aed9	n/a	Quakbot