URLhaus Database

You are currently viewing the URLhaus database entry for https://lares17.com/ri/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2645888
URL:	https://lares17.com/ri/?1
URL Status:	Offline
Host:	lares17.com
Date added:	2023-05-30 14:42:06 UTC
Last online:	2023-06-01 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-30 14:43:25 UTC to abuse{at}godaddy[dot]com)
Takedown time:	2 days, 6 hours, 55 minutes (down since 2023-06-01 21:39:08 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-01	document_A184_Jun_1.zip	zip	8d46c4948a9a8b5a9d89b4d59c60b088d08f629d1e4182d81712dd2b06a5628a	n/a	Quakbot
2023-06-01	document_F641_Jun_1.zip	zip	5c07598d65e374bd68226a17c94b1e5e578ed607e5264848c031435321cecefe	19.64%	Quakbot
2023-06-01	document_D764_Jun_1.zip	zip	e6f848a56278fd7e87f7a3d33f0008493adfbc18e0ad6e7784c8c5a2e0d0f4ca	20.97%	Quakbot
2023-06-01	document_B826_Jun_1.zip	zip	fb33077d38e34a2d3b8a9ff20fd0a687e5f90ee62649836fdbf3bc6a2cbfba59	20.97%	Quakbot
2023-06-01	document_D870_Jun_1.zip	zip	5293b4e5efd7f8dcd08cc4b5aae88a48913daefa3956556aa7d9f902829f12ad	n/a	Quakbot
2023-06-01	document_E238_Jun_1.zip	zip	bca4f109c23c050152d869974c05c8cd073bb8adfaf8546f9565032c33086a09	n/a	Quakbot
2023-06-01	doc_C517_May_31.zip	zip	b2f3c5e72016770918cc9e558c7a9a12ae591f17f757dc8c68a3bc4cc780560c	19.35%	Quakbot
2023-06-01	doc_C514_May_31.zip	zip	a78bb58446fd25e799751ac375cde81965668c80deb715a30e400ff0e6e5c1aa	8.89%	Quakbot
2023-06-01	doc_B640_May_31.zip	zip	fe9b40b46268f44b1fc9cc3febee3638a592b83f505d9cbf88e936aa16e90a2e	20.83%	Quakbot
2023-06-01	doc_F917_May_31.zip	zip	bd8019571bc28a46750499d521ee706fdf8c76958501ce07be56bb22c11f5d0e	22.41%	Quakbot
2023-06-01	doc_D753_May_31.zip	zip	3891948ade96eac10250f67741a2885de842679a24ad1be8df630837727986a8	24.19%	Quakbot
2023-06-01	doc_F208_May_31.zip	zip	e2d3044913a4aa922d4ba77f2138268db5091261a8a58c1db8ef598a74950a61	19.35%	Quakbot
2023-06-01	doc_C358_May_31.zip	zip	ee253f3889b378b4ec282606d0992e588ec0c3b6e027efef61d974f5134d0cac	21.67%	Quakbot
2023-05-31	doc_D372_May_31.zip	zip	7f87e87869cc7ace906bdaee99c270449b8e6f4933320a5a230dd86f728f884c	19.35%	Quakbot
2023-05-31	doc_A469_May_31.zip	zip	fe2702c7fba6f805b882937698957392771d62f50f455595a7fc385d7daa2ce2	n/a	Quakbot
2023-05-31	doc_F538_May_31.zip	zip	b2025ad24693dc84dc308bcdd97f17309d3fece2b0a999ed549def37a6751122	21.67%	Quakbot
2023-05-31	doc_C647_May_31.zip	zip	76fa9bd27a9e6a34e1ec209942da9b05c2b2cced4b9a3fba631e7c71bc4cfe0a	19.35%	Quakbot
2023-05-31	doc_C460_May_31.zip	zip	3515634a86222d10e0e328372a6b1a59280b692eed020f8d82c322df1229fd68	17.74%	Quakbot
2023-05-31	doc_A259_May_31.zip	zip	8d82a1a779e80cdafcd0dcd2cb5bc5bd8aa7fe6c95332636a84e2d3fb77bf508	20.97%	Quakbot
2023-05-31	doc_D619_May_31.zip	zip	9750394a0fd5f646e3d3180e7382e3abf230b0fd57748685993cece8f6cc680b	n/a	Quakbot
2023-05-31	doc_D045_May_31.zip	zip	4d8a0cea033129f3248d2b0d8c63b6022c9ad9de17b9c4624ddf0553e0156a95	n/a	Quakbot
2023-05-31	doc_C642_May_30.zip	zip	b221e76386a4002ec52b4b7a24351464e0d784b7b7d0ce8b8303c547c37292b8	19.35%	Quakbot
2023-05-31	doc_F762_May_30.zip	zip	95b8730bb7f6bfe3da3cd79d3b2e0811d7de3ccc83265d0daa8b076e01228197	19.35%	Quakbot
2023-05-31	doc_E640_May_30.zip	zip	4d7373a35e11edaff2f5df6f4c5d0ab35f1702e7aacf8ebc54f7fc38a7e0130c	19.35%
2023-05-31	doc_F928_May_30.zip	zip	188916b372280dd9e62b94475de419c1c7d7e65123682f417e071ec0522aa9e6	20.97%	Quakbot
2023-05-31	doc_D568_May_30.zip	zip	fd650b9d0b11e680979091b8b1f9cb52be7033cb1c60719a9da0bec85660040b	18.03%	Quakbot
2023-05-31	doc_E204_May_30.zip	zip	660c646201804550a2dab89440cc14f7f24717c350d8b3d1a502c4f740020797	19.35%	Quakbot
2023-05-30	doc_E709_May_30.zip	zip	7aeb2cbe19771f23aacf08ee6b346f42fc7f3354525983214177c2957af7d31d	19.67%	Quakbot
2023-05-30	doc_F234_May_30.zip	zip	07a93bfa12c7eacf9656232b39d2df45a41a8b1401b0a254ba9edf3e30a8ac5b	20.00%	Quakbot
2023-05-30	doc_E372_May_30.zip	zip	87c221861f779eed8cd26962d92da438f1c2edd5627480f6335e5094c533615b	17.74%	Quakbot
2023-05-30	doc_A239_May_30.zip	zip	18a9667ed8104a065758f303f577b63782e148bf1fc5992b9b45bb36e3b0c0af	17.74%	Quakbot
2023-05-30	Cancellation 579590 May 30.js	js	d1718b59a989340d49306740bdc314ad1706b0a597947a1f80010ba0760a97e1	n/a	Quakbot