URLhaus Database

You are currently viewing the URLhaus database entry for https://wefoundworld.com/vost/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2640134
URL:	https://wefoundworld.com/vost/?1
URL Status:	Offline
Host:	wefoundworld.com
Date added:	2023-05-24 14:13:10 UTC
Last online:	2023-05-26 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-24 18:02:08 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 7 hours, 28 minutes (down since 2023-05-26 21:43:19 UTC)
Tags:	BB29 geofenced js Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-26	364.zip	zip	990742f4a842a6b5a53f7a3c161bbc60660f2086607e74c2ff80b5a0a9b5282d	28.57%
2023-05-26	303.zip	zip	4807216864e3b5ac21d550f06da69a9867d55c5522044abfd437ccc4e649b376	19.35%
2023-05-26	116.zip	zip	b75a392c13a155f9a4d91a6d03043ddecc8b5e12e4b59473363439fe2609b18f	22.58%
2023-05-26	920.zip	zip	226a19f0547a03f0e08852e41fc6da60f21a034cfa59570b37d942c3d0687960	25.81%
2023-05-26	516.zip	zip	ea43fb89577d4e3c92bef86919bcf94ffb1338bfe9e2e25588c1236af8448fbc	20.97%
2023-05-26	282.zip	zip	a8e4cf7e06afe0f9b12d503d115e0f5d74c0effa901ca8922dbbe7ba8d37ae74	22.58%
2023-05-26	531.zip	zip	f5896ed7c132843ea87c45f30d6695f1ca77d3fd3fea4501e939ad3ac784877b	19.35%
2023-05-26	219.zip	zip	b4fca610365dcf635a20e3afc22c87f309c5eaefbe5475a73e75b838e6926832	24.19%
2023-05-26	513.zip	zip	a0869d073493a9e9776af4756470e5e4419d21194f2931b366827740d11b5d28	22.95%
2023-05-26	700.zip	zip	666efa3dd55a3ce67d31c3d57682a41e5b0cf2a3eb311ca94117de63f751f467	16.39%
2023-05-26	106.zip	zip	0d3c9a9628e5695d587a544ceb14c8081d83c1ecdda9e755fc3e13db8b2f3085	24.19%
2023-05-26	457.zip	zip	334530a1bed5c217708115d5275930005a515e6e0080dd1635904d4d779aabe7	21.67%
2023-05-25	247.zip	zip	03ccad8c215dd519a5a144b91d9d03006aacae75e7e2d7f8c93f1f0c8f28349f	22.95%
2023-05-25	59.zip	zip	40c80b5733134d01c2f40b645f95a14c8e21255f12d4a5d73543c46405e35621	23.33%
2023-05-25	103.zip	zip	1f7bdd83c8ef963800e98efd84907f7ef63e82f5f43031f79bc63e1cc8ac1553	19.35%
2023-05-25	333.zip	zip	d2b3705fe475094b0f0e46dfd059249fa1b0e744290bd863a32f549bbfd47fea	19.35%
2023-05-25	366.zip	zip	25c713a9145e968cd1a7f012d978ba4f7acaad4308df556671398a13672d0e23	n/a
2023-05-25	577.zip	zip	9b77d43f0ed10bac4ec4e5311ef7f45ae1d705d93995e453115c3a40531e3094	n/a
2023-05-25	588.zip	zip	95aa1cd5428a56423d948459d325451c2d5af6e59b3a14dd37921dec53af206c	n/a
2023-05-25	pentastichous.js	js	3bdf73fb4686c7e7161a484ce20558560e95277538a748dd1be1d554ac862efc	n/a
2023-05-25	FatteningMeteor.js	js	1e991fe369ea0a1bcef4005e04e188c3137bcfb2a2220f8b68869dc275f6c433	n/a
2023-05-25	Aarrghh.js	js	b55937df6cc606fd4a9dbef5dfb4c6718838a7c1f327d4e2da677588675f91b3	n/a
2023-05-25	Doyennes.js	js	ef0f9a3d5698dd64a476252f38ed8523e353ccca81c4b45f7a585a7d13a32bd9	n/a
2023-05-25	UnviolatedUnsed.js	js	6bf10f63343d216a891075eeac162a51c254f8dfa912c4fbb1d72bc8c529467c	n/a
2023-05-25	coruscateSheeps.js	js	10c1adf1df4a29b1fb5b3d1e182851312815f0ca0805c71d9608cbe57df50837	n/a
2023-05-25	disorderedness.js	js	7b9a42270bdca182a541fe40fa3bba9f349d657b658a612498caa905a84f3cbd	n/a
2023-05-25	SpirochaetalesP.js	js	10d17a263b46f1144854c02d75685de43e403734e357beee9365d6735b9aa382	n/a
2023-05-24	rhizotomiPropyl.js	js	c14c067b1ddc680bd4cc1af359caf39f90b501344205ef462da542605f7519a5	n/a
2023-05-24	orpins.js	js	23611627628e06baa6fa64e061bdc8a0d5d3ef2ccacbb203fc555674e28e4c41	n/a
2023-05-24	Occasional.js	js	1e9c4de50f7e1652a58efa9d935978b0a23bbbc36ef86c137450f19238ff91f9	n/a
2023-05-24	doc_A912.zip	zip	1e0cec3609b23fe82d9099136dd3f64ff1853ffc9af41585a0a5c7125e52bcb0	n/a	Quakbot