URLhaus Database

You are currently viewing the URLhaus database entry for https://batamtrading.com/dt/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2646574
URL:	https://batamtrading.com/dt/?1
URL Status:	Offline
Host:	batamtrading.com
Date added:	2023-05-30 16:51:12 UTC
Last online:	2023-05-31 19:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-30 17:00:10 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:	1 day, 2 hours, 20 minutes (down since 2023-05-31 19:20:15 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-31	doc_A328_May_31.zip	zip	fc5170b61e14986a67e6a6d833041434eb7f194cff16fd2406433c4e17a954da	n/a	Quakbot
2023-05-31	doc_E251_May_31.zip	zip	13e2e6fd44a1599710d8058cef8cf3986d84840e0c47e5aed0f4d830da0ab1ca	22.58%
2023-05-31	doc_D763_May_31.zip	zip	a304c4f5b22b0ded423520a717e8d7215f44925146442fcf8fe188174876bd98	n/a	Quakbot
2023-05-31	doc_B972_May_31.zip	zip	f9a8c133a242206bed5ff93182674227790c949ac7d8ceac5101b428e3e389ff	n/a	Quakbot
2023-05-31	doc_E270_May_30.zip	zip	87a1c848b7f288c65221b259b83e93dfb589c65ac7a85f46e499038bb0fa6a63	17.74%	Quakbot
2023-05-31	doc_D342_May_30.zip	zip	ab86fe02493e09669e3c211b8e333bf5408f390e05f9624f0f69e214b5b69feb	19.35%	Quakbot
2023-05-31	doc_E843_May_30.zip	zip	f88a02d7dde6317bd5c3c491f992ea9693c4ff625f28e81863da95f5d363883c	17.74%	Quakbot
2023-05-31	doc_A612_May_30.zip	zip	70984bb617d6ce5ab172af768dce35fdec6301e78d320db736b97c1f72547731	19.35%	Quakbot
2023-05-31	doc_E063_May_30.zip	zip	47cf1983d3b029b1e291cf69a5bf3dcd8694a6d08c4654072644a85fe901d2e1	19.35%	Quakbot
2023-05-31	doc_D345_May_30.zip	zip	718dbe354fc126eeb08be2005ce01022d37a65f8d40e7dee50387c65ce0dbe83	19.35%	Quakbot
2023-05-30	doc_E749_May_30.zip	zip	9b29ffbf8d68ad3edff5b43af1e5acb545ceb78cebbc6a4042b3ad6a88ab82ae	18.03%	Quakbot
2023-05-30	doc_F783_May_30.zip	zip	eb0f04ea890da288f2a87adf3b268f0d555970972c0b96cb65243f1a54b8a9ee	19.35%	Quakbot
2023-05-30	doc_A521_May_30.zip	zip	3c6be06b10d857130a2427c10632e65e5f9352a1c6f2cb813865faff01c58beb	20.97%	Quakbot
2023-05-30	doc_E316_May_30.zip	zip	9e90fa396766892082adefec4ee2dc1c350d6a589619cb24dfdeaa086a6a155c	17.74%	Quakbot
2023-05-30	doc_B039_May_30.zip	zip	ae335a1f48ccc0123d4e2de528317efa692d016d51217d4a3706a79b16209aca	19.35%	Quakbot