URLhaus Database

You are currently viewing the URLhaus database entry for https://opencartar.com/esm/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2647623
URL:	https://opencartar.com/esm/
URL Status:	Offline
Host:	opencartar.com
Date added:	2023-05-31 13:31:09 UTC
Last online:	2023-06-02 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-31 13:32:42 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 7 hours, 53 minutes (down since 2023-06-02 21:26:10 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-02	document_B346_Jun_2.zip	zip	497ace6044c4b39684d752543e605780e2a19dd50cfbed75826d9188b81815b0	18.64%
2023-06-02	document_A529_Jun_2.zip	zip	ff117c74efa8ce0d0f07eb9f8e7a7380c0d5e6a62431ea67bbe3089b8a099726	n/a
2023-06-02	document_D463_Jun_2.zip	zip	824ba672ae86ced93b5e4db5c8176e21aac3b3f533d6c105d7b760a1db3eafe1	17.74%
2023-06-02	document_D541_Jun_2.zip	zip	60a5f46e6963e07ec26a807d3732ae2edcc7ef9c88bd8cec642d546c8e4e0936	16.39%
2023-06-02	document_C621_Jun_2.zip	zip	ac93a7a58d900f2505d5d481a9ea337dfa68aa767c099d0c2f29c75cc9514399	n/a
2023-06-02	document_E649_Jun_1.zip	zip	74732269227d5ebb8f7aa57f7c2f7b35b4a8bd3522bf07eb6d90283fe74c519c	22.58%	Quakbot
2023-06-02	document_D497_Jun_1.zip	zip	039b8425aeaf8abb7a643ef0514c142bc1f7232aedaa91500d0ccd96309a2bf6	20.97%	Quakbot
2023-06-02	document_F349_Jun_1.zip	zip	6af4a79d3a7fc1d3bc1155a75402a05e3cfd9fec72ed98cd52b5301f3eeea290	20.97%	Quakbot
2023-06-02	document_A972_Jun_1.zip	zip	26af3948ad24fa29dea5523bb6a81c6904838ac5f8c65f1bdd26980053b4a966	20.97%	Quakbot
2023-06-02	document_F157_Jun_1.zip	zip	c5dc25c010c69e670981ee5cfbd705e03b11f0c5d7dcf984f5f0c6e754082e4f	20.97%	Quakbot
2023-06-02	document_E960_Jun_1.zip	zip	227592f02101bb24b388a2c2f30f865bb19987ff4ed3be7ab79c2fdb5416c6e3	20.00%	Quakbot
2023-06-02	document_F635_Jun_1.zip	zip	d7348d3ad5528e0232ba80ba28c60daa1c5b64cba560cb4529f762deef01bdff	22.58%	Quakbot
2023-06-02	document_C598_Jun_1.zip	zip	46fc7e8a17231f03694de1be9c46bc7e2f2eab974d9981c3e999cb01fc64f986	20.97%	Quakbot
2023-06-01	document_C496_Jun_1.zip	zip	0ebebef5d7c1f41775fc99f8bf5f631afacca1ca1908f6fde809ffb31255e053	20.97%	Quakbot
2023-06-01	document_B382_Jun_1.zip	zip	be729574f7c91c7b9304ff32790f2071c5bce0af8ce969f797135c49ccc48bf6	20.97%	Quakbot
2023-06-01	document_E581_Jun_1.zip	zip	6c90a711ac24651bc85c1d9eae61801ddf94d80ab0fd1dcc573a2ee468af9eac	21.67%	Quakbot
2023-06-01	document_B485_Jun_1.zip	zip	1626184c9001deaa24b7951484fc3b3d9445823f24c37336660ac8f76b2f5459	20.97%	Quakbot
2023-06-01	document_A057_Jun_1.zip	zip	e0ea34cd20c4a8736c52cd83e74b6fe9cc10621bc4918aaa62f7766e5d730f51	n/a	Quakbot
2023-06-01	document_D312_Jun_1.zip	zip	2bb94d357d80155ad77dabe680d1adb1101d97fbec735f1bc5d3c48d08dd1b54	26.23%	Quakbot
2023-06-01	document_C506_Jun_1.zip	zip	131ab6bd0958acf993abe11af02e997e8b3ae8b16e3c7576ad155f7a88d6c91f	n/a	Quakbot
2023-06-01	document_F320_Jun_1.zip	zip	2c4b3db6ae842ddb22d4f673ea08332f74a0095a125144baf75518b4823aa84d	n/a	Quakbot
2023-06-01	doc_C146_May_31.zip	zip	7b9972d4cd030332aeeeb980cf57f75512eae77024c858ad53c8cdf8aa94d484	19.35%	Quakbot
2023-06-01	doc_F860_May_31.zip	zip	a5539c79712ee67c85f4bf5f1e8fd979bc0e8e0d6f5052bcb35fe5d09c3cedc7	25.81%	Quakbot
2023-06-01	doc_B934_May_31.zip	zip	1ea99f3a54222af795667955ced8074d4586a5c04abd6e2d07e892d3c154b16c	20.97%	Quakbot
2023-06-01	doc_F629_May_31.zip	zip	5e079ded1cdee916f073cc21a2e658d9bbecdf4faede2a2b9a2ca6fd4e506226	24.19%	Quakbot
2023-06-01	doc_F913_May_31.zip	zip	09d6de5f0f1985358a1fe6ac70718ad9710e75d86a959b260ee4015f89b5ce74	20.00%	Quakbot
2023-06-01	doc_D240_May_31.zip	zip	51dc62d4cfa9477886035a361527df772c77405592dc908b90fb343264aebcc1	18.03%	Quakbot
2023-05-31	doc_D623_May_31.zip	zip	b7aa48888907b85d3a0236ccdbfdb6ee54e62f0329d3540ab5540fe82447df55	19.35%	Quakbot
2023-05-31	doc_C238_May_31.zip	zip	8863c3135541dae647526afa4ae3d886d4cfc8ab88c988a0b286c76137956f2b	19.35%	Quakbot
2023-05-31	doc_D791_May_31.zip	zip	cbe4de80d3a7f894ec50b9b566002889656f27710a677c877c7b2c63828558a6	19.67%	Quakbot
2023-05-31	doc_B974_May_31.zip	zip	d8b53d15ef0d2178151f6c4cdd5eb470bd6e45d50b9f59df2a962c23c6eaa2ae	20.97%	Quakbot
2023-05-31	doc_B689_May_31.zip	zip	9a117d5ebbe76e3bef6fe132c1226c9be9e48b0a64c358600885644090772f3b	17.74%	Quakbot
2023-05-31	doc_A102_May_31.zip	zip	0c97f415ab9452167e4fb92172598923ad8645bc1b430209e4dcba5df226dfc7	n/a	Quakbot
2023-05-31	doc_C028_May_31.zip	zip	25d9ed3a6767ecc17f435e41ab36944b02ade7c9a9d1d553d6d2ea84cf78313e	n/a	Quakbot