URLhaus Database

You are currently viewing the URLhaus database entry for https://grupo-cala.com/tno/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2650355
URL:	https://grupo-cala.com/tno/
URL Status:	Offline
Host:	grupo-cala.com
Date added:	2023-06-02 15:37:21 UTC
Last online:	2023-06-05 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU100127083 created on 2023-06-02 15:38:16 UTC)
Takedown time:	2 days, 12 hours, 38 minutes (down since 2023-06-05 04:16:53 UTC)
Tags:	BB30 geofenced js Qakbot TR USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2023-06-04	document_E839_Jun_2.zip	zip	9ee6a863e293d5ceecef5f34e95fb99c0b8a4520882de9f580033e8d9c6fc0c8	24.19%
2023-06-04	document_C485_Jun_2.zip	zip	1d9862ad463199588425bcf57af76b7eef49806486b563764f50a09f3f1f4a66	17.74%
2023-06-03	document_D386_Jun_2.zip	zip	5b617c6757a7c5377ee35604c8bc4913167c3680252563b583310c7fcb61be42	n/a
2023-06-03	document_C562_Jun_2.zip	zip	2bbd94f062f8d0157b0b8e3cf034892c7c3cd3509807100d8877fec4bd1ae55b	n/a
2023-06-02	document_F807_Jun_2.zip	zip	ac4de53b1cefc7547824bc8b757db699edf54bd1440cc7de266d15432c6f4b9d	n/a
2023-06-02	document_F475_Jun_2.zip	zip	651f22d9f0b257f147114f148e02cd6328e9909369cb714fe06e47d1c89fc9af	20.00%