URLhaus Database

You are currently viewing the URLhaus database entry for https://itstoreindia.com/ntm/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 2650110
URL: https://itstoreindia.com/ntm/
URL Status: Offline
Host: itstoreindia.com
Date added: 2023-06-02 11:43:20 UTC
Last online: 2023-06-05 00:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-06-02 11:44:29 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 2 days, 12 hours, 20 minutes (Poor; down since 2023-06-05 00:04:56 UTC)
Tags: BB30 geofenced js Qakbot link Quakbot link TR USA zip

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| Firstseen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature |
|---|---|---|---|---|---|---|
| 2023-06-04 | document_C908_Jun_2.zip | zip | 94ef1a9aa0a676bb78cef6bb6ef9e86b898150837a38be029bc8407b779e332a | Virustotal results 19.35% | | |
| 2023-06-04 | document_C531_Jun_2.zip | zip | d50a23b399ea723e72e6f3daae139054199546c7c7bb4b3a113de527f398d486 | n/a | | |
| 2023-06-03 | document_A297_Jun_2.zip | zip | 409a66c7557d2c3058dd343bfc38a659d8e8ecfeca29cd4e0fcad4eb51c97dd4 | Virustotal results 20.00% | | |
| 2023-06-02 | document_E643_Jun_2.zip | zip | 531d506138b0809164404b1faf98d75d7ed00e5b4b4fda3a2a30d333b6877165 | n/a | | |
| 2023-06-02 | document_B312_Jun_2.zip | zip | 18dd57178acc49377650e4990b51fa26c8c82dd584ba9e97315c7683a17517f7 | n/a | | Quakbot |
| 2023-06-02 | document_D710_Jun_2.zip | zip | 910b3d026eb5e151bf4d9201e8b9f0770627cc0ab54e7b6769c7648c89347273 | n/a | | Quakbot |