URLhaus Database

You are currently viewing the URLhaus database entry for https://nladfk.com/itn/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2650131
URL: https://nladfk.com/itn/
URL Status:Offline
Host: nladfk.com
Date added:2023-06-02 11:43:23 UTC
Last online:2023-06-05 00:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-06-02 11:45:28 UTC to abuse{at}axgn[dot]com[dot]sg)
Takedown time:2 days, 12 hours, 21 minutes Poor (down since 2023-06-05 00:07:19 UTC)
Tags:BB30 geofenced js Qakbot link Quakbot link TR USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-04document_D013_Jun_2.zipzip 63a2134437761d294330fd819e84bc2692fc20d863e79c0dea5e4f0a0d9c4a90Virustotal results 19.35% 
2023-06-04document_C742_Jun_2.zipzip 01d7fefc3107dc1e4a550fe548a5d0b12130de008688a79da620cb72a4d3aaafVirustotal results 17.74% 
2023-06-03document_C642_Jun_2.zipzip b4226389ccc9bc5772783d8949b0b05b47dede270feb956d7a84f326b585d47aVirustotal results 20.97% 
2023-06-03document_E715_Jun_2.zipzip f55412c18a488aa6017d83c2aa7a2ba5a5e506c03bf66042780c3e08dc7a99ebVirustotal results 20.00% 
2023-06-02document_C204_Jun_2.zipzip 24e03a66a9b63f86de82505454555c596bea5d22b7f7fd40bb64a6c16fc52943Virustotal results 18.64% Quakbot
2023-06-02document_D875_Jun_2.zipzip 9e162b473e9dee2e6a68b5f4d1a5b347cbd4aee1b49efc292c7162cbe8b9f60fn/a Quakbot