URLhaus Database

You are currently viewing the URLhaus database entry for https://mandastowing.com/ulo/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2646387
URL: https://mandastowing.com/ulo/?1
URL Status:Offline
Host: mandastowing.com
Date added:2023-05-30 16:50:51 UTC
Last online:2023-05-30 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-30 16:57:46 UTC to abuse{at}cloudflare[dot]com)
Takedown time:2 days, 4 hours, 53 minutes Poor (down since 2023-06-01 21:51:43 UTC)
Tags:BB30 geofenced js Qakbot link Quakbot link USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-01document_A782_Jun_1.zipzip aad2c3ba257d1f6e33987f78094ae3b9a38a37e88b21dfaa700b2754646165bdVirustotal results 19.35% Quakbot
2023-06-01document_D786_Jun_1.zipzip 1dc037ee4767f300d197be32de2f9b2355ea2201cb411aec45f22896249fa358Virustotal results 20.97% Quakbot
2023-06-01document_E823_Jun_1.zipzip d18eca76eed128e84aa75e4b7c820642ed384819839ddff7abe9192b6477e6ean/a Quakbot
2023-06-01document_D264_Jun_1.zipzip f397930c678ee4081b73acdc5a1b2ee607d45bbfc4d050dd356f10406a196c7bn/a Quakbot
2023-06-01document_F479_Jun_1.zipzip 4a4e0a2b948ab0d0393ba63b15fe6fe240a4166c7b1718344c1cb4235c8f3e72n/a Quakbot
2023-06-01document_A016_Jun_1.zipzip ce2eb103e4a8c813408ce101f5adf53af07160407a68ebce46c26ed54de384d8n/a Quakbot
2023-06-01doc_C239_May_31.zipzip 8c538999412e3cd6f227d9f4293e3493a6d58561f04015ab5b847c490c8c3f03Virustotal results 19.35% Quakbot
2023-06-01doc_F982_May_31.zipzip dd11a990c52655bf625fec38337a7426a4914709f7a6bd980df492a23382ae46Virustotal results 19.67% Quakbot
2023-06-01doc_E053_May_31.zipzip ac963fb5fbefd60f3e363adfc259bd293a611198b308914efad94ce831e0f9c0Virustotal results 20.97% Quakbot
2023-06-01doc_C398_May_31.zipzip da6dca2235d2ed0c003abffc53e2de5176acfddb7cf4bbbc5ba6ddeab3a8c136Virustotal results 16.39% Quakbot
2023-06-01doc_A297_May_31.zipzip a44f9e0a9d15e0f02652fe61deae0e942871372b8edb0aefc7b5cda04a3dd815Virustotal results 19.35% Quakbot
2023-06-01doc_A013_May_31.zipzip 221fffbe07202c57270afb778fb565959a113f666f41684571079b7d19c773a8Virustotal results 19.35% Quakbot
2023-06-01doc_C806_May_31.zipzip 7a69deaecb3b846b060b08b6d36cccf978857b479b24b3802c1c4f254b4b1d03Virustotal results 18.03% Quakbot
2023-05-31doc_D849_May_31.zipzip fb3fd2b84478d0747986b17da80dcba69b8e19f08c095213b6fad88dc066bbb6Virustotal results 17.74% Quakbot
2023-05-31doc_C743_May_31.zipzip 81a20a324b114038ca2c44d445e32cf92af909691da488e830daebbc324b12e2Virustotal results 19.35% Quakbot
2023-05-31doc_D251_May_31.zipzip 79fd07e3afb88fcb5977490eb8bf80d7fed93213a2760d7b603b28b59dc3984fVirustotal results 17.65% Quakbot
2023-05-31doc_F125_May_31.zipzip 87ecc44d7fa1a25b5cc688b966bc0e0d809a6f6fd74b05cff563289ac66b0390Virustotal results 20.97% Quakbot
2023-05-31doc_E372_May_31.zipzip 689fdd8159a9c309fe484540bcd56484bed46c94c70dad660f509041699ecdc1n/a Quakbot
2023-05-31doc_F249_May_31.zipzip 0f78f2db5e8b2c32b47661ee56ae475fa4ac696be359cdf55592ebbc87921a99Virustotal results 22.58% Quakbot
2023-05-31doc_B021_May_31.zipzip 31cfad9e10eb3ddd44a33c48a0467aafa8bf7b9246022afdde473cd9159ebc02Virustotal results 21.31% Quakbot
2023-05-31doc_B527_May_30.zipzip 3e78f2b3ffeef6fdc56a8cd5ccad7336a67bd32cbb127c2bebfe95f5024ebba2Virustotal results 16.39% Quakbot
2023-05-31doc_E791_May_30.zipzip ae0c500dfc5eb8b3b940635f077fbfdf88df9c42b6bf7ff94d6f13181e3192b3Virustotal results 17.74% Quakbot
2023-05-31doc_F695_May_30.zipzip dd9269c730b8d2f6c4f1a3dd8402435bfd7320c245875da8069b44c4159a95ddVirustotal results 19.35% Quakbot
2023-05-31doc_F941_May_30.zipzip 0c27e8dd7b0621f1053d0221e705d6b9d2ecdab05dd92c2669d9ce64773d9421Virustotal results 19.35% Quakbot
2023-05-31doc_B018_May_30.zipzip c34a1e13ecb62c5c68348fb3fb27dc204a084ff68d1e0b25925251b843c4ac29Virustotal results 21.67% 
2023-05-31doc_E493_May_30.zipzip 65a651cfd78e5e006a1c59556d132203a52b2ffd8b36eaa806a42f32a1b07f4cVirustotal results 20.00% Quakbot
2023-05-31doc_F690_May_30.zipzip e89a147d161a4286aa4cf6abe96dcd8f68ff737aff25d140f9c0b35d193bee79Virustotal results 20.00% Quakbot
2023-05-30doc_C469_May_30.zipzip b29ce45faa874ca2ea0086265d533025b64555bec9883b0035c3d8f4bed1ffeaVirustotal results 19.35%Quakbot
2023-05-30doc_F835_May_30.zipzip ea5567c0d81ac349b02ef430838e668b2f3d98c5fddc9c2a6b9d4ddeb3c432b9Virustotal results 21.67% Quakbot
2023-05-30doc_E249_May_30.zipzip 3bcfe2d83021bff5053b765467f5e032a372d1883f9750b7881fd4a03aaed97dn/a Quakbot