URLhaus Database

You are currently viewing the URLhaus database entry for https://bibianos.com/iexn/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2646341
URL:	https://bibianos.com/iexn/?1
URL Status:	Offline
Host:	bibianos.com
Date added:	2023-05-30 16:50:46 UTC
Last online:	2023-05-31 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-30 16:54:18 UTC to abuse{at}hostgator[dot]com)
Takedown time:	1 day, 5 hours, 15 minutes (down since 2023-05-31 22:09:28 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-31	doc_C532_May_31.zip	zip	25bb295580b41f9e6d885f656ef7c9875b26567c72a88a0305388017959746b6	19.35%	Quakbot
2023-05-31	doc_F320_May_31.zip	zip	7c5ec503e2436c6f379ad2f3f779aa779e10666b8e8e96609b2e7137e6f3caa5	16.36%	Quakbot
2023-05-31	doc_C760_May_31.zip	zip	dc5defee69d6d01b1ee773546d24f94858c902da9bb6caf378e594a8194e2494	21.67%	Quakbot
2023-05-31	doc_D857_May_31.zip	zip	411766af4fd2b35c390fdcf9d6a64e32012d1f8790f2fed0e1530af669b34c53	24.19%	Quakbot
2023-05-31	doc_D697_May_31.zip	zip	968107362e5865f53d29c9c6b897136477a5e0fd828654b2971126c840f996b5	24.19%	Quakbot
2023-05-31	doc_D473_May_30.zip	zip	6bfa0c27f6c10eab1f76f6629f424fc5ec647b55bcd73e011c328f228cb1d572	20.00%	Quakbot
2023-05-31	doc_B172_May_30.zip	zip	0b43dd26d9f3a13d42a12c7acea01e9c1b190a6e9ad0aa8c45d18c4e616cec2b	20.00%	Quakbot
2023-05-31	doc_A516_May_30.zip	zip	b1c573ccccdcb0a8f5be0c03200a9ba42140f103fc9cb9996e380698385b9cf1	19.35%	Quakbot
2023-05-31	doc_C642_May_30.zip	zip	b221e76386a4002ec52b4b7a24351464e0d784b7b7d0ce8b8303c547c37292b8	19.35%	Quakbot
2023-05-31	doc_C351_May_30.zip	zip	62b66d8fb1fe9ab6dd31ad511806a73726e852c03e6b58130e29399432a68966	18.03%	Quakbot
2023-05-31	doc_F218_May_30.zip	zip	a04e1747b7227d321cfcd7d02b540d9dbb33726afc50a32251aa01bef70471af	17.74%	Quakbot
2023-05-31	doc_B283_May_30.zip	zip	5231937222e1757dab815ae57457942a9e5b942fa8caaa63bd099f184e222b2a	20.00%	Quakbot
2023-05-31	doc_F621_May_30.zip	zip	87228a3fb8cbde2da85b64652174f639965bd8a8e243afdafcafa084026751ce	19.67%	Quakbot
2023-05-30	doc_C026_May_30.zip	zip	b662b29812f034c2419c13cc619e5651446386eeedd4b1ed58462e042745a752	n/a	Quakbot
2023-05-30	doc_F057_May_30.zip	zip	9dee3b478038f3a5c97126e5fd425ed1ec562534c9c076f533db0f6e8c3b36f1	20.00%	Quakbot
2023-05-30	doc_A714_May_30.zip	zip	d7ca6203b7bbfc29c2b673458f586f92bc26c60699b33d4b2baaac180f8a2271	20.97%	Quakbot
2023-05-30	doc_D906_May_30.zip	zip	9d32c9c97412bd5a0c24220259597088e1c95b867c3b02fda52d503f27624787	n/a	Quakbot