URLhaus Database

You are currently viewing the URLhaus database entry for https://batsamco.com/crn/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2650416
URL: https://batsamco.com/crn/
URL Status:Offline
Host: batsamco.com
Date added:2023-06-02 15:37:38 UTC
Last online:2023-06-05 04:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-06-02 15:40:22 UTC to abuse{at}hostgator[dot]com)
Takedown time:2 days, 12 hours, 41 minutes Poor (down since 2023-06-05 04:21:35 UTC)
Tags:BB30 geofenced js Qakbot link TR USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-04document_A209_Jun_2.zipzip 99e791496bdd05cf6429c35a67732714fd13e3c5e0af9395e7a3af1a572effaaVirustotal results 27.42% 
2023-06-04document_D014_Jun_2.zipzip bb2263da4bd6f1b50748cd457f95a52ebdd9aa12a45a8407273ad22d794ea609Virustotal results 27.42% 
2023-06-03document_D918_Jun_2.zipzip 8efa480a9376249009188bef2433321f77a65c6b2814c61b05b68f02ec7b9f4cVirustotal results 17.74% 
2023-06-03document_C938_Jun_2.zipzip e56baac8e0f34faab2f0bb47734f4d0ca2185baa727eaeb9a7f4a5682da51db5Virustotal results 20.00% 
2023-06-02document_B039_Jun_2.zipzip 29470b2dd66cec04fe6801a5bed035dd0bc8d257069e3b05790a15f069cc39adn/a 
2023-06-02document_F954_Jun_2.zipzip 9f8b57b72288c66792958e5f41527443afbf1f506491459fd5d2cd1d4d0ea289n/a