URLhaus Database

You are currently viewing the URLhaus database entry for https://usapva.com/su/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2645664
URL:	https://usapva.com/su/?1
URL Status:	Offline
Host:	usapva.com
Date added:	2023-05-30 12:09:21 UTC
Last online:	2023-05-31 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-30 12:11:03 UTC to abuse{at}hivelocity[dot]net)
Takedown time:	1 day, 9 hours, 49 minutes (down since 2023-05-31 22:00:37 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-31	doc_E892_May_31.zip	zip	3ae6efc7fbd6b74a3c072f7b8f4ff2afbf37ac9e8cc288d219641e09c11590b4	17.86%	Quakbot
2023-05-31	doc_B724_May_31.zip	zip	7badaebb575fd8bc4174b137b99f618218b8d79e55c042372b0751e9e5dd1558	n/a	Quakbot
2023-05-31	doc_C920_May_31.zip	zip	091b58511fa80b0cd12e8b471ffb0dc51cad0135977e617fdbf9aa87a8d2d2bb	n/a	Quakbot
2023-05-31	doc_E413_May_31.zip	zip	8a150d8d9fdd056d01c894da322bc3b7bab38f769e7080e70733806f529143c3	n/a	Quakbot
2023-05-31	doc_C185_May_31.zip	zip	83ad539e2c8d487f727f4ec24c0dad21b2353ae97959951ce6ae1d5677b30ce8	24.19%	Quakbot
2023-05-31	doc_D415_May_31.zip	zip	d5bbc7f92b5ac4ac8feb745ebccc17767766a7448656a78ed31c7bebed1daa04	n/a	Quakbot
2023-05-31	doc_E612_May_30.zip	zip	5358f71cdb7746bf6e90aefd8d46dd5a549694be73538d75998397756795051b	18.03%	Quakbot
2023-05-31	doc_A430_May_30.zip	zip	da4835e1087b88a9b80caa1bb9f7f019d93a5253e12033e33bf9f4a23db1940e	20.97%	Quakbot
2023-05-31	doc_A574_May_30.zip	zip	5bb1fe4630e6b47b4fa11ea9e771e79f2b0b1e70c5d8a8db4ac9b7d85bcf8b6b	20.97%	Quakbot
2023-05-31	doc_E574_May_30.zip	zip	3e3018a606627fcb9f2e29a904c20a148a8644693d8d9c92981833dc103ede6f	21.67%	Quakbot
2023-05-31	doc_C135_May_30.zip	zip	a6055e5b1e86fd6b23ed1e4c19e0173651a8977a206e533c620eca0ae84dc091	19.35%	Quakbot
2023-05-30	doc_D574_May_30.zip	zip	1424223b2c5285652263eec3bcf4001b71c2bd7645c9508e11adc9d00330da0d	18.33%	Quakbot
2023-05-30	doc_A529_May_30.zip	zip	4a86e26c72850f668615162eca236c9f27e83a0fa7744fc9a98164759bda0916	17.74%	Quakbot
2023-05-30	doc_F391_May_30.zip	zip	9f4639a7575d36b29b7db6421051a04a908f9dcd1212a5bfd0f3bf1263c536bb	17.74%	Quakbot
2023-05-30	doc_D879_May_30.zip	zip	bd59bb7b811420cd53c359ae3cfad5be067bc29492bcd0d1982bf04473c0d79f	n/a	Quakbot
2023-05-30	doc_B527_May_30.zip	zip	3e78f2b3ffeef6fdc56a8cd5ccad7336a67bd32cbb127c2bebfe95f5024ebba2	n/a	Quakbot
2023-05-30	doc_B462_May_30.zip	zip	d4c160dd6203deeac37d8e272b1e3abbacc8da04b8e1b010ef7d73a1894cc975	n/a	Quakbot
2023-05-30	doc_F625_May_30.zip	zip	ea4fb4489e14539e4803b5753065eb99562e2f4023564bf359cc7a643669936e	n/a	Quakbot