URLhaus Database

You are currently viewing the URLhaus database entry for https://xaydungmtcons.com/qust/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2647885
URL:	https://xaydungmtcons.com/qust/
URL Status:	Offline
Host:	xaydungmtcons.com
Date added:	2023-05-31 14:45:14 UTC
Last online:	2023-06-02 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-31 14:46:11 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	2 days, 7 hours, 37 minutes (down since 2023-06-02 22:23:52 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-02	document_D918_Jun_2.zip	zip	8efa480a9376249009188bef2433321f77a65c6b2814c61b05b68f02ec7b9f4c	17.74%
2023-06-02	document_F845_Jun_2.zip	zip	4863ad58bf969b1b73571fe54f2db41e4a68b0ece4a126bde43ff9c07b9f9699	n/a
2023-06-02	document_D309_Jun_2.zip	zip	e01436f647427127cfe9391672e63ff12df09071e4a708f2aaf2c56a9845daaa	n/a
2023-06-02	document_F058_Jun_2.zip	zip	079c610acf4dd9fa013f0041136b87361a0dddc1e21aaa9f496acfb18989fd10	19.35%
2023-06-02	document_C317_Jun_2.zip	zip	40b25d2dc73a373309b84b2c65cf18bc2dfacb00f940835095dc4cdbe2181589	n/a
2023-06-02	document_C172_Jun_2.zip	zip	acb85acd91ef67186666fd2ee6099ab52e922bdcafcd06bd4f8455af3b762a1e	n/a
2023-06-02	document_C829_Jun_2.zip	zip	4a481328d87e9974a00df611b74d65d07b14f3b5b48ceb49e106276567dbcc86	n/a
2023-06-02	document_C078_Jun_2.zip	zip	fdd3556e55ad997e5674212489bae171fc70313401d215807a356d2802c328d0	n/a	Quakbot
2023-06-02	document_D709_Jun_1.zip	zip	6054a727f9df62ae983666b64f76e9084cd6d5698b027d3f8fcfc48abdc8ee50	21.31%	Quakbot
2023-06-02	document_B056_Jun_1.zip	zip	8c5ff7a5d68f159b12b252abee2c050e3e65474ca50f6c00ca6bdc65e6eb1b96	23.33%	Quakbot
2023-06-02	document_A698_Jun_1.zip	zip	1575d2b5747652acd89d7ee9500bce2e9038859a0e76056be1e6b8edcc6cf968	20.97%	Quakbot
2023-06-02	document_A341_Jun_1.zip	zip	6fc3e080b57f8d54f910348ea51a42eaef09abaa55348433daa49518028ccc02	20.97%	Quakbot
2023-06-02	document_C953_Jun_1.zip	zip	6b525eea3fbfecc40ed40ffaf8eca4cb5ecc79115d9ac2851d1812a8ede79570	20.97%	Quakbot
2023-06-02	document_D274_Jun_1.zip	zip	f11e025a5cbe0a620b5d4995ac71c7e791331319f48e6371680c4bc4e91c9259	21.31%	Quakbot
2023-06-02	document_C935_Jun_1.zip	zip	21205ab2eea1b8b9cc90d8d1e33e18105f16bc36a7cabf54e95904f2fd8c3d59	19.67%	Quakbot
2023-06-02	document_D167_Jun_1.zip	zip	8be296c381b5c277bdc4257b7cc3a8c9ed3eb54ce4f8d02ef5f5a3d2d8773339	22.95%	Quakbot
2023-06-01	document_E149_Jun_1.zip	zip	6af12d2ce533dff3297ae1061a495b44edc3b6e88e236480ee7578cb6740a71d	19.67%	Quakbot
2023-06-01	document_A057_Jun_1.zip	zip	e0ea34cd20c4a8736c52cd83e74b6fe9cc10621bc4918aaa62f7766e5d730f51	20.97%	Quakbot
2023-06-01	document_D041_Jun_1.zip	zip	2945759e862de34ba84d8d9de2694babc08af4fe42b77214417f0805fdc4d2ca	20.97%	Quakbot
2023-06-01	document_C862_Jun_1.zip	zip	a9eea9b2635dab6ecb62096b7fa41bbbb81123be77c3396c1b37c23c016d1131	n/a	Quakbot
2023-06-01	document_D240_Jun_1.zip	zip	456fa083671ce55e3e376ea52d7e6dbe790de20ce392ba53859a7dbe5c4cb558	n/a	Quakbot
2023-06-01	document_F461_Jun_1.zip	zip	693e184ac7ae6a5a94c4f48acc78b35824a9f81411a3a56f86c487fc6ea54a6e	n/a	Quakbot
2023-06-01	document_E163_Jun_1.zip	zip	35f11b9fcef352f7e6ec6e83e962572fbac9e048e399915d19eddee6a48a7eb1	n/a	Quakbot
2023-06-01	document_F735_Jun_1.zip	zip	5dd2b09947db02973e12415bec204455a7a136db7a069c82d49ae6565d1548f9	n/a	Quakbot
2023-06-01	doc_A630_May_31.zip	zip	d127a8d7b2b2c4402b126eec3091acd249dde1301fffe6ac1f6bb937f8aaa5ae	20.00%	Quakbot
2023-06-01	doc_D623_May_31.zip	zip	b7aa48888907b85d3a0236ccdbfdb6ee54e62f0329d3540ab5540fe82447df55	19.35%	Quakbot
2023-06-01	doc_C025_May_31.zip	zip	964742183de9d100ddd978f0e7c4b9735380233757e89e79099f72f351a3851e	19.67%	Quakbot
2023-06-01	doc_D589_May_31.zip	zip	fa88b1003c26d2a57464f6b632430db8f5e6fa644be9b6f189b7b930e4cd44b8	19.35%	Quakbot
2023-06-01	doc_A542_May_31.zip	zip	7a96c03af56437e8e477d76ae3f5483772fa93ffbdcf93afed529f91bd04ac37	21.31%	Quakbot
2023-06-01	doc_F730_May_31.zip	zip	20da8ff2bc3ce7069d38f541ab87267ae0dbe01790b5871835f8c8d3ac5ba2cb	n/a	Quakbot
2023-05-31	doc_E862_May_31.zip	zip	8906e38d3abf112024515bb09c28327b7a35c671c40834f67109909ddabd2acf	n/a	Quakbot
2023-05-31	doc_C623_May_31.zip	zip	656403850048544218a1c98b189b3fd50ece25f63d98669a1f814bea7dd40c71	19.64%	Quakbot
2023-05-31	doc_E381_May_31.zip	zip	06b1008a014eb6d92fb538cf42beb8686b7a02f7fb909f14095e617087f4afdf	20.00%	Quakbot
2023-05-31	doc_A164_May_31.zip	zip	83b0ccb319c794846706fdd5f9cee708f97dc742e49f6931b01f474a365f4447	n/a	Quakbot
2023-05-31	doc_B514_May_31.zip	zip	e3a938361367f4e4d9db290be342e47f162a53e13f037a66c6fc49def602019a	13.51%	Quakbot