URLhaus Database

You are currently viewing the URLhaus database entry for https://casadabateria.com/tsui/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2647868
URL:	https://casadabateria.com/tsui/
URL Status:	Offline
Host:	casadabateria.com
Date added:	2023-05-31 14:29:20 UTC
Last online:	2023-06-02 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU100125657 created on 2023-05-31 14:30:12 UTC)
Takedown time:	2 days, 6 hours, 37 minutes (down since 2023-06-02 21:07:33 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-02	document_C018_Jun_2.zip	zip	852ec14b856482a674c1a4ea80dd0f65c9dcb4cea77b8bc89bcc17b62057cb88	n/a
2023-06-02	document_C254_Jun_2.zip	zip	a3a3a4e5254f590b161bfcbf65c18b3377db898a07b8fe4dbdfdd57509dfdb73	n/a
2023-06-02	document_E438_Jun_2.zip	zip	1162eedada902e2342ac495f2bfa82fea531c8f6f253a83288dfef611a02adb6	19.35%
2023-06-02	document_B759_Jun_2.zip	zip	c8f9941af16d7e0ed42d361975c1f4f5a284053c5450647c02fe777c261a90b8	19.35%
2023-06-02	document_F134_Jun_2.zip	zip	baa2a50bc63e7ce1bc6534647be72bb3964c7f43b9c0822ea6ea77bfd465c644	n/a	Quakbot
2023-06-02	document_D094_Jun_2.zip	zip	577c1f5fff3d1758f1fc435dd0f3ffc9c66d0d04926a5687c83716a68a238ed4	n/a	Quakbot
2023-06-02	document_A352_Jun_1.zip	zip	6fec274130b19aa1f8eb286e9ff0e51650a5baa526d7b47df098f73eaed43e4b	20.97%	Quakbot
2023-06-02	document_E518_Jun_1.zip	zip	323bb41131f7ddf9cb00866b23d6b30e8382fc7dc351342e1c2a9569e42a084f	22.95%	Quakbot
2023-06-02	document_D026_Jun_1.zip	zip	99a806c53691e1860f161cff3d680a97080ada5e9810c2b7d43179cea9d5c1bb	21.67%	Quakbot
2023-06-02	document_A395_Jun_1.zip	zip	34ce7510d90783c21a4c43d1f97f72c225889aa40a9bc2172f6182f0037b4c68	22.58%	Quakbot
2023-06-02	document_C678_Jun_1.zip	zip	c97d86a7166ed4936eabfb1cc6c9cbbd8a22903b9feaec623ccdd73e862a58f5	21.67%
2023-06-02	document_D924_Jun_1.zip	zip	31fbdce596d1dfa1ed963a75e5ca7e2a1eb8cb0f8a2aca207f2c050483d9d2b0	19.35%	Quakbot
2023-06-02	document_F820_Jun_1.zip	zip	c7b34b9cda1b4fa81454f8a46a73cb6bfd7650e74c2a88f0c7a86d9173f5cfec	19.35%	Quakbot
2023-06-01	document_B013_Jun_1.zip	zip	a2839251f07b51b5ad14fc66556088b5e8efd835042aa676e402ae32c19b32fe	22.58%	Quakbot
2023-06-01	document_D930_Jun_1.zip	zip	b826bfb186869411fe39ee511333fdb94dafd911b6e63c1aa77ef5188cb03df9	19.67%	Quakbot
2023-06-01	document_B405_Jun_1.zip	zip	4c25a3cd2806c37e9f145a824e6f689b1c503c8211e0f0365404ef9d0590b70b	22.58%	Quakbot
2023-06-01	document_F845_Jun_1.zip	zip	2706522df447f3e7d1bf637be8c60e11cac97d889f2d725f7e696e06f177ae54	n/a	Quakbot
2023-06-01	document_C310_Jun_1.zip	zip	bb0f90f23b65702768531f3577bddbae7de9d78758b77d7bf4d9503bf383279c	n/a	Quakbot
2023-06-01	document_E058_Jun_1.zip	zip	0d3b7035391821fbfad51ada0287c771ba3da94a622778f687604c05cad38b29	n/a	Quakbot
2023-06-01	document_E691_Jun_1.zip	zip	ecd9343879f32462f94a235ff419b801d0598705dda0332cf961bcb55fd6addb	n/a	Quakbot
2023-06-01	document_B258_Jun_1.zip	zip	52ad77acb3b4fde6cd4f31eb89421390f03c3992ab01f65c1377b677f932ad5b	20.97%	Quakbot
2023-06-01	document_E562_Jun_1.zip	zip	6904e605206c1e5729086a0aa3dcd97d5659b7a38e91da1026e6ced9d3a9fbef	n/a	Quakbot
2023-06-01	doc_B857_May_31.zip	zip	9e5d0ec8366038b2dbc43f6996188f8d7fcf98e1aa746ab07458c9e550fbbf9f	19.35%	Quakbot
2023-06-01	doc_A540_May_31.zip	zip	f5118d29abe32b326751f49b44623d9d091ccc5bf0ba85f44b0098ddd5de58e9	30.00%	Quakbot
2023-06-01	doc_B041_May_31.zip	zip	f9620bf4a32717f1663ff27c9f4383c46f495540895a3ef8a29b4da5a51f1a35	20.00%	Quakbot
2023-06-01	doc_A476_May_31.zip	zip	e015b6e7ce85968d47768ba81d67e273bb85bbdeeadac230a7cf460e7f11ec59	19.35%	Quakbot
2023-06-01	doc_A601_May_31.zip	zip	86f19a945b2874d7f6add092cd919d70eca88af3b173e3e50832f0cf1e168ea6	22.58%	Quakbot
2023-06-01	doc_A498_May_31.zip	zip	0bf3113ea2c803b6a6ca111fa64b4415230062301c635a600aecaf86ee0830b2	18.03%	Quakbot
2023-06-01	doc_D103_May_31.zip	zip	e1745b282246e96869545fe229b037b14aaa2c58937bde8ab9b1e3113ab366d2	17.74%	Quakbot
2023-05-31	doc_D130_May_31.zip	zip	2fa2a280257f8de1e7824d4731a707c4b99a6cfa3240f721cfe8ac01ece72fea	19.35%	Quakbot
2023-05-31	doc_F308_May_31.zip	zip	180e77779445268eb09765d22324df07092e8df8f7a29e0b209f49776bcaadfb	19.67%	Quakbot
2023-05-31	doc_F380_May_31.zip	zip	c9a018fbe9ba2493d4ac82c13719f3b9529416523640e22d03bea5413e22b728	17.74%	Quakbot
2023-05-31	doc_E153_May_31.zip	zip	d3d6a1236ffa99b436ded7707eb51a895cfa503e58a9218595dea17a4a16ce1c	n/a	Quakbot
2023-05-31	doc_D270_May_31.zip	zip	c64cf4843c2769d130723710a5dc17a74be48c6390f3af85458ef0ec0046c6bf	22.58%	Quakbot
2023-05-31	doc_D561_May_31.zip	zip	cb40f16a4a3c11ac06516efe02f96c98754c43fd5c5aeb3653c053a0edb05cbc	22.58%	Quakbot