URLhaus Database

You are currently viewing the URLhaus database entry for https://klimabilgisi.com/uom/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2647737
URL:	https://klimabilgisi.com/uom/
URL Status:	Offline
Host:	klimabilgisi.com
Date added:	2023-05-31 13:31:22 UTC
Last online:	2023-06-02 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-31 13:34:47 UTC to abuse{at}godaddy[dot]com)
Takedown time:	2 days, 7 hours, 33 minutes (down since 2023-06-02 21:08:36 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-02	document_B573_Jun_2.zip	zip	b9d40575a9fb0287bff6141184f25809c451ad42d3ca85d0dfbcde3accb1a3fc	19.35%
2023-06-02	document_D016_Jun_2.zip	zip	a6b6ac0784029bd69d685630cfb6d92ef5f1f059486cc2d0f6293f975dbd1f3d	n/a
2023-06-02	document_F459_Jun_2.zip	zip	aad4e0549b000f020baae77e48cb4fd22a9da0b190611e152b2ccf316054f2c5	n/a
2023-06-02	document_C903_Jun_2.zip	zip	30033b784407dcf9b8547dec59dd73fd8ab9404f94c9329b22ae7a55c96da15e	20.00%
2023-06-02	document_D865_Jun_2.zip	zip	b629ddce4b60e28eefd657f574877b54e4388cd7799b918949981ab615ba9652	17.74%
2023-06-02	document_A273_Jun_2.zip	zip	9c40a4857909791594791c263a1901242732866a7beca60777a9167b86334e60	n/a
2023-06-02	document_F953_Jun_2.zip	zip	2785d579cb5d386f64b47e9b38b57d4c9c8516b700b820fd6b97fb6f7129c891	n/a	Quakbot
2023-06-02	document_A865_Jun_1.zip	zip	5ba8a3d15dad95ec1d12e698ff5e20b8eaed24891d70604db4955104772861a0	20.97%	Quakbot
2023-06-02	document_C753_Jun_1.zip	zip	805bda13b757cfe173230156d3030f684780182f10eb9ca93fc2834e1b346542	20.97%	Quakbot
2023-06-02	document_C693_Jun_1.zip	zip	53a75af138d45a688ad57445697985cc88734bd423046d1cbd4c0a1da5b10a0c	21.31%	Quakbot
2023-06-02	document_C347_Jun_1.zip	zip	eae4efd3d03069cf187662d95f4359d55e1b242602547d9ad51274d0e9bbe7d4	20.97%	Quakbot
2023-06-02	document_D504_Jun_1.zip	zip	d6497ef7f6afb6117494197bc6dcb6e4ad9f5a35d7abe3f178df04e7263efdea	20.97%	Quakbot
2023-06-02	document_F163_Jun_1.zip	zip	c78dd5a66088efb72c463a1c27ec09b6aab91062386fb85b8fb5733516bc43e2	20.00%	Quakbot
2023-06-01	document_F769_Jun_1.zip	zip	10f447a4145a50410ef7858286ce0bd5a62a27c289a2d06ce78b4040976c1276	20.97%	Quakbot
2023-06-01	document_E438_Jun_1.zip	zip	e696c1d897e538655d14c171ec8a45225a27e99d41f1b0645cddb63cff46b0b2	21.67%	Quakbot
2023-06-01	document_C504_Jun_1.zip	zip	dab84ebe99a1836b92e8fed90451e59f0ae94ed375b469017e05a8a50f669f5d	19.67%	Quakbot
2023-06-01	document_E062_Jun_1.zip	zip	c2bd611aec129d88745345f91b586dab1da45e3d7f64ca721bd32f940bc486e3	20.97%	Quakbot
2023-06-01	document_A489_Jun_1.zip	zip	54ffc1ef80832ae117273999656742e981f46ab1cba9a0d32514793dee79e9a9	20.97%	Quakbot
2023-06-01	document_C520_Jun_1.zip	zip	7a8944f9a9e4f7c4818f5932026a14c3556f3116e176914017987ac329cec7d7	n/a	Quakbot
2023-06-01	document_C973_Jun_1.zip	zip	322720f5dd39c0f277821fd56e390e88926ee33a7f2a6428202efafc1dc6b148	20.97%	Quakbot
2023-06-01	document_E831_Jun_1.zip	zip	c0700a948489ec33d19a69042558d55cc735503f777ae0aa56e5375a5420f061	22.58%	Quakbot
2023-06-01	doc_C627_May_31.zip	zip	933c85083a69efd058d75fa1b06b68fd253b26abbbaa10b6ba3aa19c2fba9b0c	21.31%	Quakbot
2023-06-01	doc_C062_May_31.zip	zip	ea42ac1518d7d52880f05c327a3d7557c4c13b5e5b2483b69ef2680d6ce16117	19.35%	Quakbot
2023-06-01	doc_C546_May_31.zip	zip	ba88ae5188fa649bf8cf6e338cf7b1051cf523e36d3bc400ca20e635479a0c1d	17.74%	Quakbot
2023-06-01	doc_E107_May_31.zip	zip	bf4f1bd33a669655e7078f837738d36371d83c9f42caefb2bcf4699c4557b4e7	19.35%	Quakbot
2023-06-01	doc_F468_May_31.zip	zip	a6c56d9174cabbca44d40dafad3290cbd98eb3edf0b7c2ea82039c127aa713e7	25.00%	Quakbot
2023-06-01	doc_E839_May_31.zip	zip	d7729f7ed0379f9b28da68ae1e9a5acdef5602761aac2964f85b985382e92cc9	15.79%	Quakbot
2023-06-01	doc_F386_May_31.zip	zip	c762c22463606bab9d393ae6dc3d8c02320463c7767946618969af08cb13ef12	19.35%	Quakbot
2023-05-31	doc_E215_May_31.zip	zip	9277f96ded37cdfdb122e18f77bbb0e14aabd69e4caf898b18647db156d04b50	19.35%	Quakbot
2023-05-31	doc_F217_May_31.zip	zip	d8328bd9fff4fb06b15c4e2f3226415e98537969270e87672e3fd48bb7e2c772	21.67%	Quakbot
2023-05-31	doc_A290_May_31.zip	zip	6a47aa32f8bda93503314da53e48874585bc91686b6dcc57c7dc94a179e00e95	19.35%	Quakbot
2023-05-31	doc_C790_May_31.zip	zip	2c1e348a97a9f865704374b2cc3c2c20ebb174d7ae577a837709364f169ca2e0	19.67%	Quakbot
2023-05-31	doc_C846_May_31.zip	zip	b51afa683f8ae69eff86f87cb3f834bd912d754a9c1db9a3a8b96e8f4df7d9c5	n/a
2023-05-31	doc_E518_May_31.zip	zip	482905771227ec22adfe63490951bcf68ffeebbeab30e656016405579f3dd9ec	22.58%	Quakbot
2023-05-31	doc_C653_May_31.zip	zip	b2f602fd7a7cae6fee7d3b9c696ccc904b5855f65d971ba4ab37a3455304310e	n/a	Quakbot