URLhaus Database

You are currently viewing the URLhaus database entry for https://mario-klemz.de/qiim/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2645696
URL:	https://mario-klemz.de/qiim/?1
URL Status:	Offline
Host:	mario-klemz.de
Date added:	2023-05-30 12:09:29 UTC
Last online:	2023-05-31 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-30 12:11:58 UTC to abuse{at}contabo[dot]de)
Takedown time:	1 day, 10 hours, 5 minutes (down since 2023-05-31 22:17:41 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-31	doc_E804_May_31.zip	zip	03acafc879ceb382e38d8eef3e331bfeb94433595ac9e944ae20f23dbb8c2f9a	20.00%	Quakbot
2023-05-31	doc_E296_May_31.zip	zip	9bd066be1e9d003ca8d6dafa57527818346f3936cd7a74ebace2dbfa8123f6c6	21.31%	Quakbot
2023-05-31	doc_B790_May_31.zip	zip	627e89486dadb418ff2ec512e91e4211c547bc363bef9f6d17a7653f98bfa45a	19.35%	Quakbot
2023-05-31	doc_A702_May_31.zip	zip	1593fdafd4d815f0acf4c9394e39eefa3d3324558a661f07a6bf91c3bad6740b	n/a	Quakbot
2023-05-31	doc_A104_May_31.zip	zip	425043a1730b2af903e988c45c8f0cfa6ec5604a6c800133bf34055ae6c36cf8	22.58%	Quakbot
2023-05-31	doc_E216_May_30.zip	zip	aab031e9f3216501e2a08dedfdd7d67a89889304b79a46a9c1320d7e77c028d6	19.35%
2023-05-31	doc_E652_May_30.zip	zip	22ece2f26cc6603907ae51c8813f6e48504b50ea3964cf8c4b358e60d5f0db49	19.67%	Quakbot
2023-05-31	doc_D345_May_30.zip	zip	718dbe354fc126eeb08be2005ce01022d37a65f8d40e7dee50387c65ce0dbe83	19.35%	Quakbot
2023-05-31	doc_C469_May_30.zip	zip	b29ce45faa874ca2ea0086265d533025b64555bec9883b0035c3d8f4bed1ffea	19.35%	Quakbot
2023-05-31	doc_A412_May_30.zip	zip	8c0538089a97c041dce5df07b6b5c8518333e5a991b4dc05160c57968970e8d1	19.67%	Quakbot
2023-05-31	doc_D281_May_30.zip	zip	ff489fd8dbd188cd4b300827b89e194f277f628c06da66939038667b0d3f3b74	19.35%	Quakbot
2023-05-31	doc_B632_May_30.zip	zip	8a0054c6440458f8b8610a37a02171447c5376a1f6c249f19fd940b3d09a6649	19.35%	Quakbot
2023-05-31	doc_A576_May_30.zip	zip	2820220016f41be67ada0834f11eec435930c12165606272c9d62ee4b37f8d7f	19.35%	Quakbot
2023-05-30	doc_C046_May_30.zip	zip	ab562c4bb761619f933562694b93552d65627b61ba0b51356b79e39bac505042	17.74%	Quakbot
2023-05-30	doc_A240_May_30.zip	zip	1aa7b578351dba1de7d2a2c7cf2f5ac82db4e72c2f4017e9e424d2f081a6f3a0	17.74%	Quakbot
2023-05-30	doc_A751_May_30.zip	zip	b345b61adea43fb0ce27cc7f82c7c87c1031e2bbabfe8fe347d6e60b0200e3d6	19.35%	Quakbot
2023-05-30	doc_E048_May_30.zip	zip	7c0e092f9f81f38f1e8d3672e8825a9dd82d9e72a6a383d6a95e57b6690a164b	n/a	Quakbot
2023-05-30	Cancellation 744209 May 30.js	js	3c817bc4d7627e6c568e757044579cf39f4f801fac123c900b20033a083270f9	n/a	Quakbot
2023-05-30	Cancellation 157682 May 30.js	js	455ffad164c7ecab61b3a2fefae4f17a68da103a3d7c92bb2e4d91f35273fa45	n/a	Quakbot
2023-05-30	doc_F832_May_30.zip	zip	cd7f03eeccb9707209c2ffd07a09a60931c367c245c768f488e25b3f7e6be514	n/a	Quakbot