URLhaus Database

You are currently viewing the URLhaus database entry for https://elsassdestination.fr/uu/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2647964
URL:	https://elsassdestination.fr/uu/
URL Status:	Offline
Host:	elsassdestination.fr
Date added:	2023-05-31 15:57:13 UTC
Last online:	2023-06-02 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-31 17:06:08 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 6 hours, 54 minutes (down since 2023-06-02 22:52:54 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-02	document_E650_Jun_2.zip	zip	7328d7e1f55d27ef1caa34ae6c5ad7ee2f13c59426a889762e1649b8b6012942	n/a
2023-06-02	document_B405_Jun_2.zip	zip	18a519c53dfa1d8532892df978d85de6a39ed5fb4243cc89e7c4cbffc94ef23f	n/a
2023-06-02	document_E518_Jun_2.zip	zip	2d9255457e3861f42d576fab24438bf4add1195bd468b32280ac4b011f02f8ac	n/a
2023-06-02	document_B415_Jun_2.zip	zip	3fc78f0e482fb48ef88136ca690bf2566f2decef07554362e39f8c409b6d61ee	n/a
2023-06-02	document_A069_Jun_2.zip	zip	f5e38ef51d7129ef7df225733682d0e83b5e23654335a4908f849ef3776fde26	n/a
2023-06-02	document_A635_Jun_2.zip	zip	5500bb16d62b97b9b4816639c9eea0f470b93eff6522e94fcec508a3eff3163d	17.54%	Quakbot
2023-06-02	document_B654_Jun_2.zip	zip	55d609ec3a1181d2607a0eaa2f372699e23af9b00b495323834fec5e2cab3536	n/a	Quakbot
2023-06-02	document_E567_Jun_1.zip	zip	418d8f47063a5daaea0dde1a68a39ccb32471035a0e942c49c9b1b6326459843	20.97%	Quakbot
2023-06-02	document_D254_Jun_1.zip	zip	7144ced6537bcefbeb70a5cbe54a2033ec44536ec607b26a0f192d15416d7362	22.58%	Quakbot
2023-06-02	document_A840_Jun_1.zip	zip	f0aa1f2ac0981e917c6c8dd9ff7c9330bb7b2ab8f9053c7d6dd93ea84bf3ddc7	20.97%	Quakbot
2023-06-02	document_C914_Jun_1.zip	zip	754136d2beeaa512c035ec660a4e663bd131ec78872ee6f3e8cf8d8b262d27c0	19.67%	Quakbot
2023-06-02	document_F120_Jun_1.zip	zip	e7eb4c4f33ca4d8d3dcf9921dd158cfcd71eeff037ba7841f65ea643efe7bc41	25.81%	Quakbot
2023-06-02	document_E075_Jun_1.zip	zip	6ccef167f60f7885a48a340db90e1db5c78e297f5104b86cc8b9a55ff664fe44	19.35%	Quakbot
2023-06-02	document_A482_Jun_1.zip	zip	1a8d4439eef5683ac99eaffb809c73189759f4912effc3de098041fe4fdb427f	22.58%	Quakbot
2023-06-02	document_A210_Jun_1.zip	zip	fe74bcc0499dbbcfbfc3ad05a80945670619b64684b2fe37f5f2287b4392533c	20.97%	Quakbot
2023-06-01	document_A490_Jun_1.zip	zip	2d17a580f3315836f6ad4998ae469d617acd0cbc564c1f7f006e6011ef6fe6cb	21.67%	Quakbot
2023-06-01	document_A698_Jun_1.zip	zip	1575d2b5747652acd89d7ee9500bce2e9038859a0e76056be1e6b8edcc6cf968	20.97%	Quakbot
2023-06-01	document_D249_Jun_1.zip	zip	f122d693ead1ed9d5773be980a98691f973bdb5636ce84fe73e3705b554eadcb	19.35%	Quakbot
2023-06-01	document_D759_Jun_1.zip	zip	d2d9765aa5a52887c44afdd41164a645b5d08d2c106ef5653c62ceb1ca3d5a7a	20.97%	Quakbot
2023-06-01	document_C350_Jun_1.zip	zip	d508262e642ee12c5ca5fbba7f8e76ffa10d778362bb3bf32709561678f8b78d	22.95%	Quakbot
2023-06-01	document_E891_Jun_1.zip	zip	b8ea42f06117f10a7e2d6221b72a5232fdf82fc124e8f6fdebac2db1482348fe	n/a	Quakbot
2023-06-01	document_F867_Jun_1.zip	zip	2d5c3c793bdd84025fde67729c3d8dfcb9de0bf2be05fae2e3f6d94af00dd338	20.97%	Quakbot
2023-06-01	document_A098_Jun_1.zip	zip	b1d0c7b40917dd269155c1dfe782e8c72191ba98ea38f76f948392f4e08f71e8	20.97%	Quakbot
2023-06-01	document_F620_Jun_1.zip	zip	a3f69451296e6821cd35452a7e258f5fc353ba52d7c349ed10356948103e2cce	n/a	Quakbot
2023-06-01	doc_A392_May_31.zip	zip	d623db85530512ce463ef5fe18224de8680d03479cccbaa47d27c8f6ac265194	11.11%
2023-06-01	doc_A845_May_31.zip	zip	4d3894291a7136e8bbee5c04c7fd5b3308c36cc84c5d8f80f4d6cd07ef02ebfa	20.97%	Quakbot
2023-06-01	doc_A236_May_31.zip	zip	0f69252047645f6e3c7b66915299ce7b89cfd79a314998f659ab27b06c9cf5d6	18.03%	Quakbot
2023-06-01	doc_E975_May_31.zip	zip	41cd4dd37809e88ebf03724eae8dc4190df65e27cba75ce357067cef289b0ce4	17.74%	Quakbot
2023-06-01	doc_D561_May_31.zip	zip	655dbd3ef954a309adc127d182b520543441c9dc96f644c92535a13198df5c23	19.67%	Quakbot
2023-06-01	doc_D825_May_31.zip	zip	53f2ea56730d164f57ae5dfb62e10cd93544a4ab98bc30a9b73c266e36b6a379	19.35%	Quakbot
2023-05-31	doc_F296_May_31.zip	zip	b745197aaa79eb8c42e3a95ef8738a3cc14a285568eb112867be70f6f37c37d6	17.74%	Quakbot
2023-05-31	doc_A971_May_31.zip	zip	58bea2a796185489d784100faaeb9887791f3b39fca66b330503e8b630b97478	n/a	Quakbot
2023-05-31	doc_C651_May_31.zip	zip	229065da344d25581cdc47fe748c977ae54a46d20113890000dd73003c7e4f1c	19.35%	Quakbot
2023-05-31	doc_C369_May_31.zip	zip	2eaa757b311618aad086e43c229e58cfa4bf5729497d23feffe0ae0268ad7a38	n/a	Quakbot
2023-05-31	doc_B052_May_31.zip	zip	116aa409caaf829c36aa7d4e7ec86f5b25dcd67d6225f3f5b6d69970a752b32b	24.19%	Quakbot