URLhaus Database

You are currently viewing the URLhaus database entry for https://ninetofab.com/iui/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2646564
URL: https://ninetofab.com/iui/?1
URL Status:Offline
Host: ninetofab.com
Date added:2023-05-30 16:51:11 UTC
Last online:2023-06-01 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-30 17:00:01 UTC to abuse{at}godaddy[dot]com)
Takedown time:2 days, 5 hours, 23 minutes Poor (down since 2023-06-01 22:23:40 UTC)
Tags:BB30 geofenced js Qakbot link Quakbot link USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-01document_C239_Jun_1.zipzip bdd2c72c9f04de52b5f9b97b8ea89496c6f33dbdb85b8448cd3d42815d9cc305Virustotal results 19.35% Quakbot
2023-06-01document_F254_Jun_1.zipzip c2a8a2978d17c2a93b00b54328554070e6687f520e2491cba272fb2439efe2c6Virustotal results 20.97% Quakbot
2023-06-01document_B207_Jun_1.zipzip 51f703fe26c05019536839facc8582ce24c78f966b758835163de884f7aa89f6Virustotal results 19.35% Quakbot
2023-06-01document_E203_Jun_1.zipzip 09a9282ea8fca30123bb2c6234305ba62bae98f03a49c889c2e3526a2c2d477bn/a Quakbot
2023-06-01document_E371_Jun_1.zipzip 5767f1b80664ed0703f21627e5709780de907dffc524ba30542d5eba6c8d0740Virustotal results 22.58% Quakbot
2023-06-01document_D842_Jun_1.zipzip ddff766f154da1f065a7b290c6c4dd32d840b80f1403dbd9383109c5ad4264fcVirustotal results 22.58% Quakbot
2023-06-01document_A061_Jun_1.zipzip 234b6d190f9b34542a5d4e7d8e35119150ab5f5046a9dcd22aa22e3c4a3ef1bbn/a Quakbot
2023-06-01document_B497_Jun_1.zipzip fd13509782b8999a43c221db3adde40d2d61e381ba554c903fe05c8e3b1d5061n/a Quakbot
2023-06-01doc_C379_May_31.zipzip 53c4f92f96be83914a503487438037f3b4958004ed9a2d36b631708407a94770Virustotal results 19.35% Quakbot
2023-06-01doc_E123_May_31.zipzip 011e47c478be958768f13367f6ce1c941544d5e7c8db0199e3c0d9ed85ed5b67Virustotal results 17.74% Quakbot
2023-06-01doc_A527_May_31.zipzip e30a5cf8040d1f3c4a5dabf992b6dc694f13bbb67826c909a3f4807ac083add0Virustotal results 20.00% Quakbot
2023-06-01doc_D658_May_31.zipzip 61ab3cb0902d626ab3a7e2518779baab143344f446416f07de5c652ec8fe1407Virustotal results 27.87% Quakbot
2023-06-01doc_E168_May_31.zipzip 506325bfeedd81e76be15866943bd17670d34e715025d6d6abe6caa7cc75b6faVirustotal results 17.74% Quakbot
2023-06-01doc_D120_May_31.zipzip d1e96f48c0a6696530b05f9526ff0cd3e2e9a63658421f60913c977f9dcc261fVirustotal results 19.35% Quakbot
2023-05-31doc_B780_May_31.zipzip 56dec9d2cc2a9f32482bc8006f8858fec204151b6de3b8603958e57c37a5fcd3Virustotal results 17.74% Quakbot
2023-05-31doc_F296_May_31.zipzip b745197aaa79eb8c42e3a95ef8738a3cc14a285568eb112867be70f6f37c37d6Virustotal results 17.74% Quakbot
2023-05-31doc_C350_May_31.zipzip ceaa2a6a7bd4c6c5343c06cc650ab6723628c5b72f4e5a26af09a12cfb367095Virustotal results 20.97% Quakbot
2023-05-31doc_C728_May_31.zipzip 7046c2a0de101a078dc3aaaa864da95dd1f1d6541ffa3a294aadca4c3f232d33n/a Quakbot
2023-05-31doc_C493_May_31.zipzip 84dc718e6a8ac6c0040d304c24b0e76f308f101b2ff8cd3fc7c61c5f252eaf08Virustotal results 21.31% Quakbot
2023-05-31doc_C127_May_31.zipzip 242fa968ecf4bf3980534e6548c0b695e9c12a6edd5c6d265da49339ef2446b7Virustotal results 20.69% Quakbot
2023-05-31doc_A098_May_31.zipzip 4286c141567c7d5f13bb897a200b5348a8720c98f140bf19ad08c74b1668fc98n/a Quakbot
2023-05-31doc_E591_May_30.zipzip 1d42be85ccf9fa534c0c2e6e125bc8b9742a50280592846935a034009f6e17aeVirustotal results 19.35% Quakbot
2023-05-31doc_D487_May_30.zipzip a0d4141d0e02d28d7d0c46038a711393ec0837f5f83778b6ea644088294cf3f3Virustotal results 19.67% Quakbot
2023-05-31doc_D172_May_30.zipzip 9c5e9d183bcadd4b7a89a6b61d8632cef79b2ab5e89b2d53b6b44a3ff2ea0eceVirustotal results 19.35% Quakbot
2023-05-31doc_B071_May_30.zipzip 985061ad6c6ea4d4a69b31dbc1d8564e6225c85e60c07a01479a9ce3786901ecVirustotal results 21.67% Quakbot
2023-05-31doc_C350_May_30.zipzip b1b6be4d52db91660f88dce015fc68fa948f5c8d580933572aa9c6079134fd94Virustotal results 19.35% Quakbot
2023-05-31doc_B816_May_30.zipzip 89812bc4c210fa8a8cbea311e13675402ee30150fb085bc8b87919b2bceb54a7Virustotal results 19.64% Quakbot
2023-05-30doc_A095_May_30.zipzip feecedd121bbcb92afddb472669ab39aa3bd6dd1b2272862638895585d57f8e6Virustotal results 17.86% Quakbot
2023-05-30doc_D275_May_30.zipzip b9b80097876c242100bddc0510713058ee21792beb7715bb79aca8140ff2bf79Virustotal results 19.35% Quakbot
2023-05-30doc_A907_May_30.zipzip bd17c24e57fbbea39f615a1560957a5ed8e575279908db09a3e398d988463961Virustotal results 16.07% Quakbot