URLhaus Database

You are currently viewing the URLhaus database entry for https://missredwine.com/squi/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2645899
URL:	https://missredwine.com/squi/?1
URL Status:	Offline
Host:	missredwine.com
Date added:	2023-05-30 14:42:07 UTC
Last online:	2023-06-01 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU100124322 created on 2023-05-30 14:43:06 UTC)
Takedown time:	2 days, 7 hours, 33 minutes (down since 2023-06-01 22:16:32 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-01	document_E209_Jun_1.zip	zip	9c98a0de4ab924bcbab61f2155822a875a599e23b797a51b1ae3ca7ce85e7e2e	20.97%	Quakbot
2023-06-01	document_F275_Jun_1.zip	zip	355455f3d0e82fae621b80fc2a397dd4948cc736237cabdf09bf8cd249c3cf26	19.67%	Quakbot
2023-06-01	document_D759_Jun_1.zip	zip	d2d9765aa5a52887c44afdd41164a645b5d08d2c106ef5653c62ceb1ca3d5a7a	20.97%	Quakbot
2023-06-01	document_E690_Jun_1.zip	zip	216db4382c3b7ad66abcc78bee2281121e82d15cef5a5505268a19463242b9fe	n/a	Quakbot
2023-06-01	document_C041_Jun_1.zip	zip	1dc24e9adae226a9ec97fdb286dadfc4c81f81977843818b294314611e15fdec	n/a	Quakbot
2023-06-01	document_D175_Jun_1.zip	zip	4f0f1edd6f91c47d485542265e03d121f72aed17d1558cb7c71eaed55ede3459	n/a	Quakbot
2023-06-01	document_F754_Jun_1.zip	zip	da48c5c83d98278a4d0c8ff57073f502ec499c3011c8a9d124e0cb6d8939d9b2	24.19%	Quakbot
2023-06-01	doc_C308_May_31.zip	zip	937d0241ea8dd7a0a404676489b239556ec1187729c8f9af2f7cf54ebff03ef1	19.35%	Quakbot
2023-06-01	doc_C961_May_31.zip	zip	4933c5af31878066a50af061094193fedad7943ab37746959e2b8a9d8e0540c9	19.35%	Quakbot
2023-06-01	doc_B209_May_31.zip	zip	57f96c40f0f3e6784b472503c750a272c0f814006c6e3386f817d97027ff8e40	20.97%	Quakbot
2023-06-01	doc_D368_May_31.zip	zip	094554d78420c20318839051c2072d93222b1c245e8ada58b4b93aab3c350cac	20.97%	Quakbot
2023-06-01	doc_E560_May_31.zip	zip	095f0e340f97367a357f347f6a3c321d70e49a6690da8b7b2585de301781892e	19.67%	Quakbot
2023-05-31	doc_D753_May_31.zip	zip	3891948ade96eac10250f67741a2885de842679a24ad1be8df630837727986a8	24.19%	Quakbot
2023-05-31	doc_C062_May_31.zip	zip	ea42ac1518d7d52880f05c327a3d7557c4c13b5e5b2483b69ef2680d6ce16117	19.35%	Quakbot
2023-05-31	doc_F186_May_31.zip	zip	4cdd6aabd5b9f60d42e9e84fe7d3dedc3f8d8bdda4f6de97b1c7d46581d24219	19.67%
2023-05-31	doc_F251_May_31.zip	zip	52935d9ae21dac892f15fe539de4fb6e2a38cd3bc3f09af2ebe07e14baeb44ed	n/a	Quakbot
2023-05-31	doc_B957_May_31.zip	zip	9b03c41b7b01416f06f58b7d4f612819d75b74fdc65fbb74e5ab77f654840e3e	20.00%	Quakbot
2023-05-31	doc_B253_May_31.zip	zip	122a4aa50e6298fd39cff512c1f9e989c2e1fec2425bb51b1e5f141beaf28403	n/a	Quakbot
2023-05-31	doc_F946_May_31.zip	zip	3da04e3230a24642227cb9f42bb3612ed4318f883e452a3c41664f56856bf46a	n/a	Quakbot
2023-05-31	doc_D692_May_30.zip	zip	df3556c0ce646a3b34fb2706b9807991069bb5df9dac2749c982c34c4276fb2f	19.35%	Quakbot
2023-05-31	doc_E372_May_30.zip	zip	87c221861f779eed8cd26962d92da438f1c2edd5627480f6335e5094c533615b	17.74%	Quakbot
2023-05-31	doc_D261_May_30.zip	zip	a4f5538b2f9aa081f60b2d61fa7ecf8606c15b1e65f61948dbfd94547ea55e5a	17.74%	Quakbot
2023-05-31	doc_B809_May_30.zip	zip	a762d00ae64c81563344c63475691ee1ba05f77026bd2cf452350d1ce7d40f64	17.74%	Quakbot
2023-05-31	doc_D350_May_30.zip	zip	4e11c5681e452b53d6709efe16a66ca70c9f10c55a0561fb2a85dd64c508e92e	19.35%	Quakbot
2023-05-31	doc_D879_May_30.zip	zip	bd59bb7b811420cd53c359ae3cfad5be067bc29492bcd0d1982bf04473c0d79f	19.67%	Quakbot
2023-05-30	doc_B958_May_30.zip	zip	67e123a0c67a7d7b0ec9032b0a97c7868172e845bd0fa4b7e890a5109955a013	19.35%	Quakbot
2023-05-30	doc_D527_May_30.zip	zip	5dce8daa78b58f5f4493c1827402de3346ba5a2186209f20f6c0ea8ea1f512a4	19.35%	Quakbot
2023-05-30	doc_C234_May_30.zip	zip	28727b148b1238f230769533f15c1b84f7335182d3cee218a07efd8fffe332e5	n/a	Quakbot
2023-05-30	doc_B302_May_30.zip	zip	c5d36ac85a17013425b57de666dc7e622e735d941c7d01358042f4b27e5b1f67	17.74%	Quakbot
2023-05-30	doc_B278_May_30.zip	zip	5ee2d18b6d98a401b8cf9a047ef2d93386c4c67ab36fddfc75789ec5a1e61847	19.67%	Quakbot
2023-05-30	Cancellation 58927 May 30.js	js	9a57b53e841027126b4d59f91cbea50a1762814137d20c745f00f0a2b9174b73	n/a	Quakbot