URLhaus Database

You are currently viewing the URLhaus database entry for https://lokhandwalaminerva.com/odrt/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2645780
URL: https://lokhandwalaminerva.com/odrt/?1
URL Status:Offline
Host: lokhandwalaminerva.com
Date added:2023-05-30 12:09:46 UTC
Last online:2023-05-31 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100124248 created on 2023-05-30 12:10:25 UTC)
Takedown time:1 day, 9 hours, 41 minutes Poor (down since 2023-05-31 21:52:15 UTC)
Tags:BB30 geofenced js Qakbot link Quakbot link USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-31doc_C819_May_31.zipzip ad44aedf3a17789cfe167dd82b8c4d22f7a64d25fb695da0c30dbd048063f4b8Virustotal results 19.67% Quakbot
2023-05-31doc_D278_May_31.zipzip f81d5562b7ea60ecc55918befb028bfe7833ddfcc6f625669af64dcd223057cdVirustotal results 19.35% Quakbot
2023-05-31doc_C651_May_31.zipzip 229065da344d25581cdc47fe748c977ae54a46d20113890000dd73003c7e4f1cn/a Quakbot
2023-05-31doc_E543_May_31.zipzip e445f4f65444e05c686dd2d1d5b02d8d489fd669b30c8e6310203f3ea86a8e6en/a 
2023-05-31doc_B276_May_31.zipzip 25d605a81ee238185f1f42c14c157babe0e34bd85f39671e8f4fb57db08fef97n/a Quakbot
2023-05-31doc_C862_May_31.zipzip 6f1b021393fd350f623f58d024da1b53d561f29961e7cb89b6794790d1239dfdn/a Quakbot
2023-05-31doc_B473_May_30.zipzip 30074f7d3ea7d221de3bef746d9429513c86a2b10cba313c6566fcc75dd3934cVirustotal results 20.97% Quakbot
2023-05-31doc_E948_May_30.zipzip 97d228020b654d8fc499523744891c473cb30f305d73e0cb7d8ccb6769a0bac0Virustotal results 19.35% Quakbot
2023-05-31doc_C135_May_30.zipzip a6055e5b1e86fd6b23ed1e4c19e0173651a8977a206e533c620eca0ae84dc091Virustotal results 19.35% Quakbot
2023-05-31doc_A463_May_30.zipzip ca2fabf9e00e2607f4a51645f71378f36f90e978120dadc736766892f7201b76Virustotal results 19.35% Quakbot
2023-05-31doc_C627_May_30.zipzip 642f96f37d4da9a106a091200670bd918e47e7cdaf78cffd223a1e6d6c596ef0Virustotal results 17.74% Quakbot
2023-05-30doc_A205_May_30.zipzip 79b287d6430603e26a1efccb992ce8f7d61fa94d73e1510c7765402770dcc535Virustotal results 20.00% Quakbot
2023-05-30doc_D609_May_30.zipzip 59727a9db9d0b8c752fed96dc416d4978999e22555fca42003b2f6b39497576eVirustotal results 19.35% 
2023-05-30doc_A814_May_30.zipzip feefa43048841d8c82c33ac8258587199e6ad8c6379ddae57e476299f71dd45aVirustotal results 18.03% Quakbot
2023-05-30doc_D145_May_30.zipzip aa0d946d182924e6022dfb49f0d26ad3354cb1599198ed36b822d77bcb12986eVirustotal results 17.74% Quakbot
2023-05-30doc_B539_May_30.zipzip 25307cd983a4a6bc2eeaf40bfb2a5327df817e517724add9f4c52cf34c866f80n/a Quakbot
2023-05-30doc_A714_May_30.zipzip d7ca6203b7bbfc29c2b673458f586f92bc26c60699b33d4b2baaac180f8a2271n/a Quakbot
2023-05-30doc_A185_May_30.zipzip 140111facf9c44510fcaf45d0440615e7056bfc1815f9ce1996d019d64846dafn/a Quakbot
2023-05-30doc_A409_May_30.zipzip bb9b230315b9a3127de18e7ad2e1d832a4c106c733fb9a07e660b84d48ed59e2n/a Quakbot