URLhaus Database

You are currently viewing the URLhaus database entry for https://maragiaexpress.com/nnr/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2648254
URL:	https://maragiaexpress.com/nnr/
URL Status:	Offline
Host:	maragiaexpress.com
Date added:	2023-05-31 21:05:26 UTC
Last online:	2023-06-02 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-31 21:07:23 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 0 hours, 17 minutes (down since 2023-06-02 21:24:50 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-02	document_C976_Jun_2.zip	zip	7cb9ef357bf3a574040c8961a2d378a889a529c3cded0229310a6186e077711c	20.00%
2023-06-02	document_B768_Jun_2.zip	zip	86b82c1586b14f7929252ad2229bce46e2109ae7368d6eb742d68fc680778187	n/a
2023-06-02	document_A394_Jun_2.zip	zip	d1fd8445768a660d2e43d115c93a01554225c268a6f1f860d7a5c7b55342e759	16.95%
2023-06-02	document_E512_Jun_2.zip	zip	0c030626741f9c4770e5193eedf520aa68aa0a0fbf58970e95ff8a74d8aab7c6	n/a
2023-06-02	document_B968_Jun_2.zip	zip	3bd578f78383b458e6a74d3e4b2a692e3b61d602fd5bb058e83294596cb9d88a	n/a
2023-06-02	document_E516_Jun_2.zip	zip	010662a5606aeebb65af59a2d26df075a07cad5d3ad420633901ef45134ea51a	n/a	Quakbot
2023-06-02	document_E450_Jun_2.zip	zip	d19362b9c00ebedfad40b76af2ff05215d43d7d66677a4a4ac0e7275c30a5e17	n/a	Quakbot
2023-06-02	document_F102_Jun_1.zip	zip	4fa9d2ea3f7981e52ba030eb3011861b6cec3f643b53eb51b5efb55f8248d8a9	20.97%	Quakbot
2023-06-02	document_C809_Jun_1.zip	zip	38735116b94d946d3b8fea7e0e6cbcc00e2d9a1e0efb9e74b51fa0b90650ef8d	20.97%	Quakbot
2023-06-02	document_B504_Jun_1.zip	zip	5c6639f44c9526b4f4d8a17c84de9caee60449ed7a0234e77c26407535273473	19.35%
2023-06-02	document_D840_Jun_1.zip	zip	48ffc7247807d593ade3fb50553af240ada035ae93e820daaae26820e2f02d1f	19.35%	Quakbot
2023-06-02	document_A415_Jun_1.zip	zip	9a009dffb8d23716bfdf471cb9d830be6eb0a8566cebb2850b93605154628e09	20.97%	Quakbot
2023-06-02	document_E617_Jun_1.zip	zip	2711384183b821de0dccaa2727da95ff8a77b88cac160dbce0ba53287e99b884	20.97%	Quakbot
2023-06-02	document_E359_Jun_1.zip	zip	cc1cd7b813fd38ed732009a84f0d5834d8e6c2f2e0c5bd42a58d62e082f0ac5a	19.35%	Quakbot
2023-06-02	document_A912_Jun_1.zip	zip	84e0ba2150789f82e073dd241dd4d2aee849f377a183e9061b77ad47c5fea171	20.34%	Quakbot
2023-06-02	document_B056_Jun_1.zip	zip	8c5ff7a5d68f159b12b252abee2c050e3e65474ca50f6c00ca6bdc65e6eb1b96	23.33%	Quakbot
2023-06-01	document_F691_Jun_1.zip	zip	8822a42acf6db1c1beb71162b6ff97af8ee5ee8fdf8938a093679ff55830932b	20.97%	Quakbot
2023-06-01	document_A942_Jun_1.zip	zip	8b05404ba69ce33ee24fd71b6af63b1c578b9c7107a7325bbc90d6dcdf98643b	22.58%	Quakbot
2023-06-01	document_C248_Jun_1.zip	zip	2181f4d85a82b4af910ec3370b7c43d82be428c51184bef12b8fd5146decbb05	21.31%	Quakbot
2023-06-01	document_F537_Jun_1.zip	zip	2d38df28063d080020c3517aed9bb326e5c9413b9e08752194bcfcadaba0e9ba	20.97%	Quakbot
2023-06-01	document_C594_Jun_1.zip	zip	ff98b49a63107577a760453625a472fa01dc48c82fb8497c6ce588fcd10aa465	n/a	Quakbot
2023-06-01	document_E378_Jun_1.zip	zip	8c545212e59e4f2bfbf601ab783da8fdcea9d0f64adec68369ed594bb22b3906	20.97%	Quakbot
2023-06-01	document_C130_Jun_1.zip	zip	ff0c90d9ee3bef92205434c658a9da9a0e3a75fdea45354563d7295423475ce8	19.35%	Quakbot
2023-06-01	document_C730_Jun_1.zip	zip	342792411e19fae2e0441c938bc292a1a8d4ec5bcf651ba08edd9a8b9ed0985c	22.58%	Quakbot
2023-06-01	document_D471_Jun_1.zip	zip	bd9a04c32d80aebc7ccfe044a669a6eac3cbfe3e5d418bf1d1262038cf660487	n/a	Quakbot
2023-06-01	doc_C092_May_31.zip	zip	6195ce5bce92c1b7f3f68c26c506ef95485ab56ac77733880ee8ec0d6dd0782f	22.58%	Quakbot
2023-06-01	doc_D013_May_31.zip	zip	c2db85a2b95cf9638d39994f5afc97618824d235d4299b2a7b9f4f3e617ebfc1	19.35%	Quakbot
2023-06-01	doc_A031_May_31.zip	zip	30e2cb4f0820b530ab465ed8ccf06f34b6b52fcc671d0a0c0b919cbdbde009a4	19.67%	Quakbot
2023-06-01	doc_E051_May_31.zip	zip	c75b2974932c2708a6a2b3dc72ebf3d48b80403b7ba0ba9a98208930cd0bb790	19.67%	Quakbot
2023-06-01	doc_D319_May_31.zip	zip	2f23adcbe2673e7c3367f10e877b1b6f333852f7066b85ac4b44b8a17e80afa7	20.97%
2023-06-01	doc_C852_May_31.zip	zip	b0cdc8da3e3195e4f7501f0b7d13c4031096dd8c0251da59a22a075fe7a920e9	22.58%	Quakbot
2023-06-01	doc_F420_May_31.zip	zip	7f30a4ee4f19fae2fe0ae9fafb0f6a3208b7091df659b75165ab47d3bba8a2f9	22.58%	Quakbot
2023-05-31	doc_E014_May_31.zip	zip	c43635beb4825f63a795a0c051fb0c4062230e7ccbbcb1b6952ced4632d96699	20.97%	Quakbot
2023-05-31	doc_B243_May_31.zip	zip	cbe68df7a512d91e419d5bb2ac9c4331bcf8dedca1945fd05ccaf0f1f50ca273	n/a	Quakbot