URLhaus Database

You are currently viewing the URLhaus database entry for https://orcirrus.com/rut/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2640746
URL:	https://orcirrus.com/rut/
URL Status:	Offline
Host:	orcirrus.com
Date added:	2023-05-25 12:00:21 UTC
Last online:	2023-05-27 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-25 12:01:24 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 9 hours, 19 minutes (down since 2023-05-27 21:20:45 UTC)
Tags:	BB29 geofenced js Qakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2023-05-27	659.zip	zip	d75f0bcd50e06fcbe40950608726b3d9eb00d32e6d64325dad9b6087f7acaf36	19.35%
2023-05-27	477.zip	zip	6cafc660598f52c635b89456f8879e9c609c478f5863aa98dac35bb7e3029c4f	16.39%
2023-05-27	731.zip	zip	eb28a620b127eeec16417632b62e4a33000a6a9e5b7720fd08f6b0e46ab33947	19.35%
2023-05-27	32.zip	zip	e9a3845e4662486275212c47a6d9f36fcc239623edbaccdb4818eb732f2f34f8	33.33%
2023-05-27	26.zip	zip	adb2010a61becdf8827cedbf7059a9628fbef9e295998f58038a80671eaece32	27.42%
2023-05-27	726.zip	zip	069e5d686886895977b43113d5f48dcf14db64b7852ca8dc385d3f4fbc3c640c	19.35%
2023-05-27	316.zip	zip	386e6a95b28eb30f2cd995cbd6f45dff249724a9affe6acdf2869243d66a33e5	21.31%
2023-05-27	845.zip	zip	93d4354431b3e348d540575eb7ca40710ec6421ca3507a753a23027dfc6fd7e7	23.33%
2023-05-27	2.zip	zip	e131765d13c90243253a0d5ba09c4f90719129611a47af90b300312b917cbbf8	21.31%
2023-05-27	558.zip	zip	2877941a53898ed621d151c876f740a3f195e2bad9ae3b56c020bd6ff5d08be5	27.42%
2023-05-27	144.zip	zip	cec74aa885f9547086aade41a64f67fb4f979cbe145434b36bd4e9586f15b25a	16.39%
2023-05-27	541.zip	zip	485db78b9408f0655abe9c58a9380e0b68c2b70ccf301e8a55c345924b6b1e78	29.03%
2023-05-26	178.zip	zip	57679b4369cecd8dadb4a5b0f31f89674a35cd532bd04189a4cb189cb1a7b6cf	17.74%
2023-05-26	807.zip	zip	76124f9b4723a0136c3104a4a4d16f1ec9940df045345e1613fedbff64c4bbb7	22.58%
2023-05-26	718.zip	zip	a4e0d09c381c888b82a509413014ae11f5110ffd19026c746d9382ca7975e63d	17.74%
2023-05-26	404.zip	zip	bb4bd247544d5e2a0ec8c77485881feba468dc516bebb4180d8a78f253a3b7ef	21.67%
2023-05-26	80.zip	zip	02dd6c1fbd56b47235090f365112b8479905a06f3d0b7d21f0f9008d6be07ed1	20.97%
2023-05-26	862.zip	zip	643945c0f4575beb3aa89663d67407e128647e7864bb9e830b0877d09babd72f	22.58%
2023-05-26	672.zip	zip	49136866719cae0224a9fa209c71ef3449030d6a5706eb9718bc2c18f40ef840	23.33%
2023-05-26	609.zip	zip	3acd27275ee88578688df3d0a548c71a6329e40cbd03aa50a7557be1585c57a7	21.31%
2023-05-26	850.zip	zip	2aa00d299ea960a5c30a44faeedd17e9eb848d3aa04549c2dd28d8ee9643f381	22.58%
2023-05-26	520.zip	zip	90b4ff4e3c9ccc24a52f8767f422ab73d9ffdd8ae0753aa166efadbafa35ff08	19.67%
2023-05-26	922.zip	zip	758672a1fcf4ad51914dc6e289ec9aa714bece3e39fab71379645d55cc37cbd2	28.33%
2023-05-26	894.zip	zip	ba9c1164acca83f4211100b1933dd811a2ff5e00649c2fee0df0de2bb7bb6ec5	21.31%
2023-05-26	970.zip	zip	2f841ea135bfea1f73f4919dea9596dfbb51629dc57e223f21369193c89016b9	25.00%
2023-05-26	74.zip	zip	6df1359451c0648a01dc5365262849eca6845a0b02bdefb348533602465447d8	20.97%
2023-05-25	211.zip	zip	e29c80035e987b23df8ad63956044fb5395bebd590b122a972a4cf36fdf78be3	20.97%
2023-05-25	626.zip	zip	39cdc2f9dcd885bcdef486eda26b500d018ac0aba85e7b076e7549ea71b81b0e	20.97%
2023-05-25	378.zip	zip	cd90e4fa4e3f0281ad718c8f91d6ba764d99056d7850b1a7b3f27e0a7dd559a2	17.74%
2023-05-25	105.zip	zip	fbb7d2a0a25cce5703289d971cb3bf9722be9dff055f7aae57ec0f2d55781eb6	22.95%
2023-05-25	801.zip	zip	b0887ecec2ef198ba27e840d6bef13810f6e53af8376e928662f0b6584978d59	20.97%
2023-05-25	475.zip	zip	d61e8aefe1de0fa7df53a790207c9b646e7740015514568d6c8f984f9a03f213	17.74%
2023-05-25	391.zip	zip	8d1829cb96a42da8fb5f74c0666c3c43e64e7d5b84dcf1eea19764c8682ddf69	n/a
2023-05-25	767.zip	zip	34e9912e4cc8ab441910a3298a69f9cc08e184ef7e860b4a726bb3c322f197e9	n/a