URLhaus Database

You are currently viewing the URLhaus database entry for https://grupo-cala.com/ncmi/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2647820
URL:	https://grupo-cala.com/ncmi/
URL Status:	Offline
Host:	grupo-cala.com
Date added:	2023-05-31 14:29:11 UTC
Last online:	2023-06-02 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU100125652 created on 2023-05-31 14:30:05 UTC)
Takedown time:	2 days, 7 hours, 56 minutes (down since 2023-06-02 22:26:23 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-02	document_C709_Jun_2.zip	zip	ab7dbf494c503c5d5b12198904005f22d5a9706c89d0c396c1eede1ad9a2730f	19.35%
2023-06-02	document_E973_Jun_2.zip	zip	125b915f7ea8b4b1bff9d3050dd5666b8fcae98b04e4e3b10d928ac325a9fab2	n/a
2023-06-02	document_C107_Jun_2.zip	zip	ffa26166de6336e088bb18a2514c0271d3f88950b34e4c8b7fed3488734cd89b	n/a
2023-06-02	document_A742_Jun_2.zip	zip	948d8bd7a88aebc7fbeacac67aed552ddfc02d3d4a3f09c84f87e80d8dd6483d	n/a
2023-06-02	document_F250_Jun_2.zip	zip	d86d0b8d5fca7cfcf6e2b668eb0f0c9acf48fb57f706450c5fe68a33c3be7ab7	n/a
2023-06-02	document_B974_Jun_2.zip	zip	aad160dc4277965908f1bc57a4d8adda65898706888dff34d59bf77d54e7e4f9	n/a
2023-06-02	document_D539_Jun_2.zip	zip	ec4101236462ee13b791885722c285dd6100a32e96d51f813d9c3bd03216af71	20.00%	Quakbot
2023-06-02	document_C821_Jun_1.zip	zip	92d3b776a015eb53af3c9881767dcc41853042b6e679e5bb31198e18e06b7612	20.97%	Quakbot
2023-06-02	document_D362_Jun_1.zip	zip	aaa9e6afc5314dd2f9afa780f0cf3b1f9874aeedde359f0b7ae082468acd7481	19.35%	Quakbot
2023-06-02	document_A483_Jun_1.zip	zip	2a558ab2720c220fa3e98d5dfe48905939af5898950ba75fa5782fb407cbc5a8	21.67%	Quakbot
2023-06-02	document_B837_Jun_1.zip	zip	96b837370c9babd613a9d4e20bb0b0f6df0a2f75a5bfcab305d8e7bcb2b5bda2	20.97%	Quakbot
2023-06-02	document_C841_Jun_1.zip	zip	995181d957d9f34c5d2c0b166ab8cb0dffcc0d192414cde2360551a06f8e0f0d	19.67%	Quakbot
2023-06-02	document_E986_Jun_1.zip	zip	acd5eec8fd98da4ff4aaf154427a4be18489f677aef0372261e661f7f1f6994b	20.97%	Quakbot
2023-06-01	document_B103_Jun_1.zip	zip	d694225b7692dc65f4229ab11363cad9d7b14228c82304135e484341397c9038	20.97%	Quakbot
2023-06-01	document_A250_Jun_1.zip	zip	3f218ee41134fc4d842d4a51641289e9b398d2ac887849bf1c90c30f8f90fd4e	22.58%	Quakbot
2023-06-01	document_D759_Jun_1.zip	zip	d2d9765aa5a52887c44afdd41164a645b5d08d2c106ef5653c62ceb1ca3d5a7a	20.97%	Quakbot
2023-06-01	document_C485_Jun_1.zip	zip	72c4ee1b31458241deac61c1c6d995a4a7bcb8e525678befbe322655301bac64	19.35%	Quakbot
2023-06-01	document_F681_Jun_1.zip	zip	7b70d75c02df5561631e8b8c1f1680473b3eaf9ec2c7516ec5cc94dc39d61ce0	n/a	Quakbot
2023-06-01	document_D263_Jun_1.zip	zip	ac2cac2fba3cfb09660af6304ba8bf5bf211e7a3ba87294d5f977210d8e22a75	n/a	Quakbot
2023-06-01	document_B457_Jun_1.zip	zip	0c849f3e64eacae4fe82daa4f5da374196933044d02419c8311f70209dec9b02	24.19%	Quakbot
2023-06-01	document_C973_Jun_1.zip	zip	322720f5dd39c0f277821fd56e390e88926ee33a7f2a6428202efafc1dc6b148	20.97%	Quakbot
2023-06-01	doc_C243_May_31.zip	zip	b7de524919fed12b3ce0b7bdcdd7b818e7c8fea03a4a032f23c8520661981f41	19.35%	Quakbot
2023-06-01	doc_A479_May_31.zip	zip	61c52facf84c2c084393953b66c7d0893377f5a21d08e508f506d25a71cdd1af	17.74%	Quakbot
2023-06-01	doc_F572_May_31.zip	zip	70f900a321924ebb71a13c1af1081b5bcd954e3ffcc7f3c46609e779143632e3	17.74%	Quakbot
2023-06-01	doc_F357_May_31.zip	zip	b950519c15ae900aca4d9ec301dd40551ed4c7490101e6a99a83d6834490e707	17.74%	Quakbot
2023-06-01	doc_A675_May_31.zip	zip	362974a022ecc3db0898c35cb40f0b769fa144f82faa4788234549324348e175	19.35%	Quakbot
2023-06-01	doc_A527_May_31.zip	zip	e30a5cf8040d1f3c4a5dabf992b6dc694f13bbb67826c909a3f4807ac083add0	20.00%	Quakbot
2023-05-31	doc_D278_May_31.zip	zip	f81d5562b7ea60ecc55918befb028bfe7833ddfcc6f625669af64dcd223057cd	19.35%	Quakbot
2023-05-31	doc_D861_May_31.zip	zip	959cdbb839766f26b23347cf917df0f7256d31e648d03bfd42b30c0207734bf5	20.97%	Quakbot
2023-05-31	doc_E307_May_31.zip	zip	9c50d12bf120c96968fb6b966ba381d67796895c6a9154dc38f28ccbda5dfd68	n/a	Quakbot
2023-05-31	doc_E638_May_31.zip	zip	d93b2a88b77e6a72f889f131161e78e6005eb74731b89729fca4a328342bb5b0	n/a	Quakbot
2023-05-31	doc_C671_May_31.zip	zip	c5a01240625e312543e309f01a63106f2e6bf887eedbb538bf99aa2e7556e6a9	n/a	Quakbot
2023-05-31	doc_D274_May_31.zip	zip	99c87ad672d20537dcb1e3980fcd533fedaace3b6297beeb4b8535f5e1e8c15d	25.00%	Quakbot