URLhaus Database

You are currently viewing the URLhaus database entry for https://elsassdestination.fr/snut/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2646540
URL:	https://elsassdestination.fr/snut/?1
URL Status:	Offline
Host:	elsassdestination.fr
Date added:	2023-05-30 16:51:08 UTC
Last online:	2023-06-01 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-31 17:06:08 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 6 hours, 4 minutes (down since 2023-06-01 22:56:21 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-01	document_B096_Jun_1.zip	zip	677051c707b836620b214972db238a7462b7f46f8993badce5f541b3d4d35375	21.31%	Quakbot
2023-06-01	document_D507_Jun_1.zip	zip	1191dd98c4f3873bc81833c6d83237dc5339adc9849248a3713a8047b7f47f8f	22.03%	Quakbot
2023-06-01	document_B159_Jun_1.zip	zip	564de1e85cf8280b704dbebfcba2dae0935d3425780b0c2e40ce40af391b59ae	n/a	Quakbot
2023-06-01	document_D731_Jun_1.zip	zip	09803f72cea335408db8f21ee9889bebc60547be3f55e03ab0bb61e6af236a1d	n/a	Quakbot
2023-06-01	document_A410_Jun_1.zip	zip	eb99e4e1df8c2b49b406650f93b2c1fe4a2b087d5bca28d71eae1e3f702d5650	n/a	Quakbot
2023-06-01	document_D085_Jun_1.zip	zip	888afd99c8973debb0bb96fb6eedb157c705c95177838122c62e008a3ebc7e7f	22.58%	Quakbot
2023-06-01	document_B650_Jun_1.zip	zip	38c41e908436ad751960c143abd08a0fe27b5ce4d970ad36b0b0ec2ff17c3237	n/a	Quakbot
2023-06-01	doc_A278_May_31.zip	zip	b751c22b2679cf009f3aab78a00bd34867778f73836077ba306df5d2e20541b6	19.35%	Quakbot
2023-06-01	doc_D718_May_31.zip	zip	b866297c0053537871f9f4692336db29a74a0c6e1567d0dcf2f80f8ca962a6c7	27.42%	Quakbot
2023-06-01	doc_A524_May_31.zip	zip	12ec73ad0e2160bfd7870a630f1591d78bdd591fd64358a4d4f98ec937ad0f30	19.35%	Quakbot
2023-06-01	doc_E572_May_31.zip	zip	ad87980d63d3681403ba2750644e2bd29a1e844c10c3baf864af49bb9f74f496	19.67%	Quakbot
2023-06-01	doc_A347_May_31.zip	zip	569fc5ac63d53c916b5c89880b4caeb29988876351c22f2d70182ca11ef45b19	20.00%	Quakbot
2023-05-31	doc_D490_May_31.zip	zip	53b899c26179c2ce22673d57df6b0e5797d5a1b2399c6fc6b4c6a7809d895ee9	19.35%	Quakbot
2023-05-31	doc_B934_May_31.zip	zip	1ea99f3a54222af795667955ced8074d4586a5c04abd6e2d07e892d3c154b16c	20.97%	Quakbot
2023-05-31	doc_C692_May_31.zip	zip	00f2132fe8194afe2404e65ce5987d3113dd7274e3180c329e27ac72a5531557	19.67%	Quakbot
2023-05-31	doc_C635_May_31.zip	zip	cf173c08e14cac7d4ce6d502859ced972d270de42251f7b597e5329e9fab4f47	n/a	Quakbot
2023-05-31	doc_D520_May_31.zip	zip	72bad30dc90b592204f1edd491e0f15c249a0c5fa3e22df5f188608351523399	n/a	Quakbot
2023-05-31	doc_A527_May_31.zip	zip	e30a5cf8040d1f3c4a5dabf992b6dc694f13bbb67826c909a3f4807ac083add0	n/a	Quakbot
2023-05-31	doc_C079_May_31.zip	zip	fad1a4ce441a60a9ef45fe7eb6b9b2b59599789dc5a35684eab299ec7f2ab024	n/a	Quakbot
2023-05-31	doc_D487_May_30.zip	zip	a0d4141d0e02d28d7d0c46038a711393ec0837f5f83778b6ea644088294cf3f3	19.67%	Quakbot
2023-05-31	doc_F640_May_30.zip	zip	d65e2cc3c6c924c2c6fe3a64f1dc01b0d55d5e3316a8eac3f60c980d9e478096	19.35%	Quakbot
2023-05-31	doc_C904_May_30.zip	zip	9184a33024151da37774a5aac1986ee02c4140c9c7cbe9357121fc0a09007ae6	19.35%	Quakbot
2023-05-31	doc_B726_May_30.zip	zip	bb6e5bd0ce383bcdb08f6b6577e293d75882828514389da541e440a44848fe9c	17.74%
2023-05-31	doc_A529_May_30.zip	zip	4a86e26c72850f668615162eca236c9f27e83a0fa7744fc9a98164759bda0916	17.74%	Quakbot
2023-05-31	doc_F602_May_30.zip	zip	9caaccac4ba9c8ef8691c21080e445865e785e7eab5191e947db168eb590a7b2	20.00%	Quakbot
2023-05-30	doc_E749_May_30.zip	zip	9b29ffbf8d68ad3edff5b43af1e5acb545ceb78cebbc6a4042b3ad6a88ab82ae	18.03%	Quakbot
2023-05-30	doc_D615_May_30.zip	zip	7dbc1546b9051c5167d9481a3ee83ab12ae4a31c48e152f423c1d0881e239718	20.34%	Quakbot
2023-05-30	doc_F341_May_30.zip	zip	48217a711c9d88696bba7b2520b724fbb2b7361904aec13289df1fd07d871c0c	n/a	Quakbot
2023-05-30	doc_A710_May_30.zip	zip	d00749fdb01a585559d6ae842bde9375b42acc1fb191b5e0b7ddec629f65831e	20.00%	Quakbot