URLhaus Database

You are currently viewing the URLhaus database entry for https://allerorts.de/ultq/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2647605
URL:	https://allerorts.de/ultq/
URL Status:	Offline
Host:	allerorts.de
Date added:	2023-05-31 13:31:08 UTC
Last online:	2023-06-02 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-31 13:32:52 UTC to abuse{at}space[dot]net)
Takedown time:	2 days, 7 hours, 30 minutes (down since 2023-06-02 21:03:36 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-02	document_D864_Jun_2.zip	zip	b9d9ad2283acfe3130b8980dd0b69f6e3199117b325cf6992acecfb56c2f72ef	19.35%
2023-06-02	document_D652_Jun_2.zip	zip	c82c5c7ed19355de43e37e12840cc0e06b0882cb5109dd37eaf610b152df6e9c	19.35%
2023-06-02	document_A756_Jun_2.zip	zip	e4294ebaf8f0a286b18f365f6921ffc07c0fed9fd899958d6e9fa3dfa93cac82	n/a
2023-06-02	document_B139_Jun_2.zip	zip	afef1c985decbeef1a61f24bfe5e1f5e7ed8bbcb4be3e4ed3e0bc44184668bd5	19.35%
2023-06-02	document_C895_Jun_2.zip	zip	d970b46adaea48a1ea8ce879ac557b0028e0ac48d823aea9db68165847de4aa4	19.35%
2023-06-02	document_E217_Jun_2.zip	zip	3563e963cc4dd69336900362d61fae667ba26fd327e899d2e025f550efad44fb	17.74%	Quakbot
2023-06-02	document_F078_Jun_2.zip	zip	9d1ddbec56a78900d8fc11ceef12d4826183befec92fb9bab3473258f04b77d5	n/a	Quakbot
2023-06-02	document_F012_Jun_1.zip	zip	440b9034a43f9094107fa012566c69713dfc0232ea7cbc52cf584ed88be54465	19.35%	Quakbot
2023-06-02	document_C680_Jun_1.zip	zip	61daba7ea0cfcb98497102a8f4cbc21f36c6afe824e752ff51cc8e5b4b2c60a1	20.97%	Quakbot
2023-06-02	document_A387_Jun_1.zip	zip	9bd35fed511d6890b2d2e991a243fb6318e69eb2ab26c8b74dfe419263588553	20.97%	Quakbot
2023-06-02	document_B941_Jun_1.zip	zip	2ee8cc23d87da52d36d0b1a0fe1c12c81b0b0134a04e1abe420d607920163855	20.97%	Quakbot
2023-06-01	document_A927_Jun_1.zip	zip	213e6365e5f423d117106b1336b183c2c727d76c03fbaa79ccf1e537a4b1145c	19.67%	Quakbot
2023-06-01	document_B842_Jun_1.zip	zip	bc59402da8a16bd56b148eedf24a06ccac4fac24d944b1df269144739ac33a5d	20.97%	Quakbot
2023-06-01	document_D512_Jun_1.zip	zip	ffde76ed6942149a4371d1760f1010bb64f5dce56b732d82b2dd02e0f92cd20a	20.97%	Quakbot
2023-06-01	document_A513_Jun_1.zip	zip	ffaf3f6ac82d4f11d8d2dfa1ab4e08ea9d8029c842caccfd05bef63c7933d138	19.35%	Quakbot
2023-06-01	document_E301_Jun_1.zip	zip	12d715d01fb0036839d046aa0ff39ab2c1532322754d94dd2cec8aa8f8d0731e	20.97%	Quakbot
2023-06-01	document_D325_Jun_1.zip	zip	048a38ca515e4e0518d5d3563a6c97e62900373dc692ff6dd0c3b6c3c984f7d4	21.67%	Quakbot
2023-06-01	document_F784_Jun_1.zip	zip	a9f729ef83e095a37d342e58377b54055908653bfc9388964c90cd7cb792e307	22.58%	Quakbot
2023-06-01	document_C307_Jun_1.zip	zip	1ba52ec71b05156015555d441f3f18ead5a2d8cb8d80ff4e158d0037ef6858e7	21.31%	Quakbot
2023-06-01	document_F163_Jun_1.zip	zip	9e252d701a138198d85be9da26334d2bea3e0364922134d27945bc1ac054f910	n/a	Quakbot
2023-06-01	doc_E379_May_31.zip	zip	ad71eb171e28d20e8830f95e9ff1dab88beaaf8ff4160aa0a3a7bc84351a8718	19.35%	Quakbot
2023-06-01	doc_D652_May_31.zip	zip	378a919acea43214f20c855c0cdaa67403c38dc89eb65b03420f078944400b8c	19.35%	Quakbot
2023-06-01	doc_D761_May_31.zip	zip	1f58258e3c92e3772f1c8367dd05cb4c9bf5f074a8d522c548af515e36990cda	20.00%	Quakbot
2023-06-01	doc_D791_May_31.zip	zip	cbe4de80d3a7f894ec50b9b566002889656f27710a677c877c7b2c63828558a6	19.67%	Quakbot
2023-05-31	doc_C915_May_31.zip	zip	966107b495df61e73caf3a3d6d541a34b7c338b4fc17fc50b9967264adc9cace	17.74%	Quakbot
2023-05-31	doc_C901_May_31.zip	zip	8cbc810699f77821a3c1e4383e89ef7088042993ff110d562ab011b268c4c74e	15.79%	Quakbot
2023-05-31	doc_F675_May_31.zip	zip	4c171a4f382f29a4e21965f19a385132d3c0eac789c456ff4495465895ff9302	n/a	Quakbot
2023-05-31	doc_A546_May_31.zip	zip	d96e218870df535028886fa421421c8ee7e6c13744537cfe0e7254973bd45a41	20.97%	Quakbot
2023-05-31	doc_A793_May_31.zip	zip	b10c7f34c25c168d4e8daa9af47aa927ebd22574d6314316945bd135edcad996	22.58%	Quakbot
2023-05-31	doc_B908_May_31.zip	zip	c89aee78410ce45d20244fe702f7ad45fff4f938cde1f78a9942bd1c583eab7d	n/a	Quakbot