URLhaus Database

You are currently viewing the URLhaus database entry for https://hmtdtechvn.com/nstu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2645771
URL:	https://hmtdtechvn.com/nstu/?1
URL Status:	Offline
Host:	hmtdtechvn.com
Date added:	2023-05-30 12:09:45 UTC
Last online:	2023-05-31 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-30 12:13:17 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	1 day, 9 hours, 18 minutes (down since 2023-05-31 21:31:47 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-31	doc_B738_May_31.zip	zip	a8c93c9f3ae74697faa06d676e8320e61dbc2d008ec38b979e53c23d08ced715	20.97%	Quakbot
2023-05-31	doc_E423_May_31.zip	zip	5e03d8be67e086465f18f115df1fb7299668b20f35be63e9552d802ee27d148c	n/a	Quakbot
2023-05-31	doc_C240_May_31.zip	zip	d29460fe17490d0a96980351568dc356aed2681aacc747983b3c209f0f146b54	24.19%	Quakbot
2023-05-31	doc_E175_May_31.zip	zip	7b1419d970f5020796f7e682bf1a2665daf8533466c2d648517595e65a03600a	n/a	Quakbot
2023-05-31	doc_B514_May_31.zip	zip	e3a938361367f4e4d9db290be342e47f162a53e13f037a66c6fc49def602019a	n/a	Quakbot
2023-05-31	doc_F530_May_30.zip	zip	981366fdd3a0bfba4056361414d0fb8bbcaf22fa47c79724e948808dc4e185ff	19.35%	Quakbot
2023-05-31	doc_E193_May_30.zip	zip	9afdfd414ef9bc7f5af01bb617968d90ba47651b28395273479281d2bcb60858	17.74%	Quakbot
2023-05-31	doc_A726_May_30.zip	zip	cd57e66bb3864bfa0fda13fe4c9ad8d110e1cbd47f990e1529975da00d70f751	20.34%	Quakbot
2023-05-31	doc_F071_May_30.zip	zip	ad88fb8a6afbfd738d0281f03b75ace9fd546e0246b2af04e198b642b4d2721b	22.58%	Quakbot
2023-05-31	doc_E612_May_30.zip	zip	5358f71cdb7746bf6e90aefd8d46dd5a549694be73538d75998397756795051b	18.33%	Quakbot
2023-05-31	doc_E146_May_30.zip	zip	b416c95b366ad5661b04c28418d165e5761c6f31106be0fbfc4c713dbbee044a	18.03%	Quakbot
2023-05-31	doc_C627_May_30.zip	zip	642f96f37d4da9a106a091200670bd918e47e7cdaf78cffd223a1e6d6c596ef0	17.74%	Quakbot
2023-05-30	doc_E629_May_30.zip	zip	a34e8d0f0e0c8438d501b30907959d112a2996fbbcbc3c50847d8c17a40ce47e	19.35%	Quakbot
2023-05-30	doc_B302_May_30.zip	zip	c5d36ac85a17013425b57de666dc7e622e735d941c7d01358042f4b27e5b1f67	17.74%	Quakbot
2023-05-30	doc_D278_May_30.zip	zip	fef7ca1f96385da65ecd35455ad2b82176a33f9028d5a4157b0cdb3d7708e0ad	n/a	Quakbot
2023-05-30	doc_B587_May_30.zip	zip	0886b4ea3521e11c7e319cae968d8a79723a30b08fb5623cda5900e6263d5602	n/a	Quakbot
2023-05-30	Cancellation 346891 May 30.js	js	3b6908c0e6d32ff3e45610b8d1c4db567a80164d5b1a33624a8e3c9e6625a39a	n/a	Quakbot
2023-05-30	doc_A352_May_30.zip	zip	c86539a37756bf18583c122a6241c4d07f08fcf963f1fa7ea220a03adbae6c7c	n/a	Quakbot