URLhaus Database

You are currently viewing the URLhaus database entry for https://ecotasar.com/tpon/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2645758
URL: https://ecotasar.com/tpon/?1
URL Status:Offline
Host: ecotasar.com
Date added:2023-05-30 12:09:43 UTC
Last online:2023-05-31 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100124246 created on 2023-05-30 12:10:23 UTC)
Takedown time:1 day, 9 hours, 16 minutes Poor (down since 2023-05-31 21:26:33 UTC)
Tags:BB30 geofenced js Qakbot link Quakbot link USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-31doc_D628_May_31.zipzip cc8ddd78f0b403fb9b1c5629d684530fcd5ff89e5983d791374e64394d9ebbf1n/a Quakbot
2023-05-31doc_D120_May_31.zipzip d1e96f48c0a6696530b05f9526ff0cd3e2e9a63658421f60913c977f9dcc261fVirustotal results 19.35% Quakbot
2023-05-31doc_D672_May_31.zipzip 252659fbb19dfd3e66bc8e67989f14820d103b77909ea2b55f367228b50a294eVirustotal results 22.58% Quakbot
2023-05-31doc_C250_May_31.zipzip eb00ee070bca2870a281022ceac9302bcee3cff823f3f46a574bbe4c57e82efbVirustotal results 22.41% Quakbot
2023-05-31doc_B893_May_31.zipzip 4de9e6e4052fc9b6e7cfb13e41da1785b7c4ff6ec9bf5a23c260da95e3caa47fn/a Quakbot
2023-05-31doc_C391_May_30.zipzip 9b821f749b830c0a4490e6ed5cf167f7785e12130d7aefc61d64128b4acd7354Virustotal results 17.74% 
2023-05-31doc_F647_May_30.zipzip 1da1360c51b2af0fad2c06f1bd1363b35b212873c7464f36eb1d897a1a9adb99Virustotal results 19.35% 
2023-05-31doc_A201_May_30.zipzip 16e498a67c4817dd2b30c9cb886faf3a60abe280840b54a60ea52f1b5cd7e961Virustotal results 19.35% Quakbot
2023-05-31doc_D120_May_30.zipzip 71d0c93a6df83b8c835dfb8a8267ebcad84745cb4d4e232979afa85a33e0f0f0Virustotal results 17.74% Quakbot
2023-05-31doc_D275_May_30.zipzip b9b80097876c242100bddc0510713058ee21792beb7715bb79aca8140ff2bf79Virustotal results 19.35% Quakbot
2023-05-31doc_F987_May_30.zipzip 6af3422f84ab1f60035f5b3ee9277213d51f341db1e88250ec15e4fbb78e38e2Virustotal results 18.03% Quakbot
2023-05-30doc_A239_May_30.zipzip 18a9667ed8104a065758f303f577b63782e148bf1fc5992b9b45bb36e3b0c0afVirustotal results 17.74% Quakbot
2023-05-30doc_D614_May_30.zipzip 6dc5b3cfff991dbf5b8935cfcd56fbcf26d922df56879b89929def26487d1511Virustotal results 20.00% Quakbot
2023-05-30doc_E986_May_30.zipzip f4d487c4f733dcc2d11bb8bd4459a0010512323cfbd911a963744a4948a5beacn/a Quakbot
2023-05-30doc_D690_May_30.zipzip fcb7d4daac7890afdba27611e7a0d36cbb3813b0086856b795254cb477efef04n/a Quakbot
2023-05-30doc_A508_May_30.zipzip 314bc535dce76b77e6ae88c4dfc22f7a6302b1625403e1ad2504ad3e843ac5d6n/a Quakbot
2023-05-30doc_A268_May_30.zipzip 159f7f10d269cfe63d994d2eac450d3a4ec078337eb1dbd584d2779b97d9b0c0n/a Quakbot