URLhaus Database

You are currently viewing the URLhaus database entry for https://yarrowenterprise.com/qai/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2646186
URL:	https://yarrowenterprise.com/qai/?1
URL Status:	Offline
Host:	yarrowenterprise.com
Date added:	2023-05-30 16:50:29 UTC
Last online:	2023-06-01 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-30 16:54:37 UTC to abuse{at}godaddy[dot]com)
Takedown time:	2 days, 5 hours, 3 minutes (down since 2023-06-01 21:58:06 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-01	document_A325_Jun_1.zip	zip	f169b55e3c8ebc633a33b2a3cbadf2fb63355bbc576ca151350a3ab9bfb856d2	22.58%	Quakbot
2023-06-01	document_C821_Jun_1.zip	zip	92d3b776a015eb53af3c9881767dcc41853042b6e679e5bb31198e18e06b7612	20.97%	Quakbot
2023-06-01	document_B910_Jun_1.zip	zip	caa89f25131c430ddb971ab334fa78750f900505dfff4352c2756b56a9d664e6	19.67%	Quakbot
2023-06-01	document_B104_Jun_1.zip	zip	797b826447715de2b29cce89708428f28b89de76fbf03c85a3ba2d89877d3612	20.97%
2023-06-01	document_A048_Jun_1.zip	zip	26d3e1d38991dd1299c967891e4c9b6a81fffc10bb56671b5f03576f248d07e4	n/a	Quakbot
2023-06-01	document_F163_Jun_1.zip	zip	9e252d701a138198d85be9da26334d2bea3e0364922134d27945bc1ac054f910	25.00%	Quakbot
2023-06-01	document_C782_Jun_1.zip	zip	ba46a3253264bae4ab3913bfb58df17a270e89ecb774bb022b72641755161603	n/a	Quakbot
2023-06-01	document_C238_Jun_1.zip	zip	55425a475c1f758166c1924a866ab48b9953edc60a4c4379d9e370cda33cff4b	n/a	Quakbot
2023-06-01	doc_C208_May_31.zip	zip	1441eec6e40587a7ced44eff7be28f51a02e518a8780f3ba354b702e739aa7f2	24.19%	Quakbot
2023-06-01	doc_C591_May_31.zip	zip	30fd7cdc0a6462152ba2339bab72e8c87ebed26836f03b30be77102fcd758e4a	20.97%	Quakbot
2023-06-01	doc_E243_May_31.zip	zip	596e510d96a565429832ebf2a2c8d3e68b6e57afe2a1760c75a62c6429b7395f	19.35%	Quakbot
2023-06-01	doc_A520_May_31.zip	zip	fff1ae6c5abf09e612fc1cacb83d7843640c22ae1634e79e5fdb13ecb47d3e6a	19.35%
2023-06-01	doc_A251_May_31.zip	zip	3481ea1607002255551cae5b9159ffe8031ecabd72c867a7f6319e8572254814	17.74%	Quakbot
2023-05-31	doc_D078_May_31.zip	zip	8770b232a57e9624c5b5d65d35c8ad8472c6f33bce0f15d85d6c0dd68db72398	18.03%	Quakbot
2023-05-31	doc_A054_May_31.zip	zip	693977223e6b8e17d16aeea5837abfb3f3b988eb08b070f4afdeca086cf68ba6	20.97%	Quakbot
2023-05-31	doc_B126_May_31.zip	zip	a8680c896bbfeeaf6a61492593bcb72b4fc01f33f22abf638adee70d9d4e6f40	22.58%	Quakbot
2023-05-31	doc_D958_May_31.zip	zip	5d315734f3fe0daaef2522985443aeb1653206ad48ad7e5dccd564bb5f073dd8	20.97%	Quakbot
2023-05-31	doc_F368_May_31.zip	zip	066c9b00d05b5a6caca804775e94ff0e10d7cce31d4a48cb88f22ee1aab45ec6	n/a	Quakbot
2023-05-31	doc_A935_May_31.zip	zip	29ea738339f0a0970e8df05e38b7e1fd1f5f4d16ded192bbf3f6df3eb1edf03e	24.19%	Quakbot
2023-05-31	doc_D672_May_31.zip	zip	252659fbb19dfd3e66bc8e67989f14820d103b77909ea2b55f367228b50a294e	22.58%	Quakbot
2023-05-31	doc_B816_May_30.zip	zip	89812bc4c210fa8a8cbea311e13675402ee30150fb085bc8b87919b2bceb54a7	19.35%	Quakbot
2023-05-31	doc_F698_May_30.zip	zip	066ff3863df405821b8684784a75bd2b06193d84a32cc39fc5d1d0574b4d1cf4	24.19%	Quakbot
2023-05-31	doc_D371_May_30.zip	zip	27150a0b85b99c482b3c5a7bd4440528e1cf4d682a62de41815878623e8a24c1	19.35%	Quakbot
2023-05-31	doc_A936_May_30.zip	zip	0c4cf3ff1076b219af415c80b933335a7b3bd67201ce27f25c31602a50e51f96	19.35%	Quakbot
2023-05-31	doc_B018_May_30.zip	zip	c34a1e13ecb62c5c68348fb3fb27dc204a084ff68d1e0b25925251b843c4ac29	21.67%
2023-05-31	doc_D427_May_30.zip	zip	86050c985b01ccf5053f2ee2f95d567f0fdef39ee7d39b2371e9202f8f8ac432	19.35%	Quakbot
2023-05-31	doc_D586_May_30.zip	zip	6b3f2d88859dae404a50a1c37b4e1e42fe74054ba00386a9815cc8d2e08670d2	20.97%	Quakbot
2023-05-30	doc_F918_May_30.zip	zip	cedbc298fa04e25b4874e018189c08adb0aaa4b5daae5fd4a30847cd629b7a4e	17.74%
2023-05-30	doc_C034_May_30.zip	zip	eaab0588f030d1042387c0a0da83a0b9afda5e58d24548356c2bd88b1de7f1ed	20.00%	Quakbot
2023-05-30	doc_C792_May_30.zip	zip	d6376efffb23799c409931cabed23dd46a60f12311907af201a615d2d4180d45	n/a	Quakbot