URLhaus Database

You are currently viewing the URLhaus database entry for https://yarrowenterprise.com/cu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2645697
URL:	https://yarrowenterprise.com/cu/?1
URL Status:	Offline
Host:	yarrowenterprise.com
Date added:	2023-05-30 12:09:29 UTC
Last online:	2023-05-31 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-30 12:11:59 UTC to abuse{at}godaddy[dot]com)
Takedown time:	1 day, 9 hours, 25 minutes (down since 2023-05-31 21:37:32 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-31	doc_C917_May_31.zip	zip	2cc1888ced0edc468a0cc6bfbf004fc18df13f7f43e9c247ac4696c3ae0465ec	19.35%	Quakbot
2023-05-31	doc_F281_May_31.zip	zip	8b609722d05a32aab714534308a93dcfae53a2a1b873d8a1bdcf5cea578f5dd6	n/a	Quakbot
2023-05-31	doc_A318_May_31.zip	zip	8c23746e97df03566204378abb90677e4f361de721e0888c891286600b984d3f	n/a	Quakbot
2023-05-31	doc_B093_May_31.zip	zip	aebebd3fcd89d4b0f47094f6331f1e86a2506ce228ffb81d4570c5aa3ae63157	23.73%	Quakbot
2023-05-31	doc_D032_May_30.zip	zip	e088b6dc4531cc53f8c5a1828918b13643dc6a5fc1686b62371efd6fdf04dff6	20.97%	Quakbot
2023-05-31	doc_C413_May_30.zip	zip	5ca8c9840cf72649809650b6439efaefd839c960ab31ffba92d79a7acef46831	19.35%	Quakbot
2023-05-31	doc_A421_May_30.zip	zip	0db879fa118176786026ae9f98cb448c37b98e04c8afce8e900010c318ed6b59	19.35%	Quakbot
2023-05-31	doc_F916_May_30.zip	zip	1e1726d3dca939b0a42b294c314e66406ad779ea55a7f423540fee5202f56922	17.74%	Quakbot
2023-05-31	doc_D298_May_30.zip	zip	49e47cc5ba896e6652423d5e158051b83a0d453d5c39c0444b211e3bd03112f0	20.00%	Quakbot
2023-05-30	doc_B507_May_30.zip	zip	d221c27df3d433e066eda231831487ed5612673838303e70d1b3b8361471c833	18.03%	Quakbot
2023-05-30	doc_E017_May_30.zip	zip	7b212476d346fc37847c81b6663009459f830019126e181bfd262308c386f002	n/a	Quakbot
2023-05-30	doc_B327_May_30.zip	zip	eca2ca496a77c2965de4680f2de3716549cf08539753ccc695d057bf341585a0	n/a	Quakbot
2023-05-30	doc_C213_May_30.zip	zip	f2cc710fc6bb31a749d42a237535e5295fba878212707c64fab808f387cca6c2	n/a	Quakbot
2023-05-30	doc_F846_May_30.zip	zip	ac6ef694101420364ba7183245f99971ab83576c4186ff3ced5dc1e63040d06a	n/a	Quakbot