URLhaus Database

You are currently viewing the URLhaus database entry for https://nladfk.com/timn/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2650524
URL: https://nladfk.com/timn/
URL Status:Offline
Host: nladfk.com
Date added:2023-06-02 17:33:12 UTC
Last online:2023-06-05 05:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-06-02 17:34:13 UTC to abuse{at}axgn[dot]com[dot]sg)
Takedown time:2 days, 12 hours, 6 minutes Poor (down since 2023-06-05 05:40:18 UTC)
Tags:BB30 geofenced js Qakbot link TR USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-04document_A529_Jun_2.zipzip ff117c74efa8ce0d0f07eb9f8e7a7380c0d5e6a62431ea67bbe3089b8a099726Virustotal results 24.19% 
2023-06-04document_B573_Jun_2.zipzip b9d40575a9fb0287bff6141184f25809c451ad42d3ca85d0dfbcde3accb1a3fcVirustotal results 19.35% 
2023-06-03document_D948_Jun_2.zipzip 5c16218d759ca0880b6db3fdc74304ed32f0b7788d4a1f6aec3884743e03390cn/a 
2023-06-03document_D087_Jun_2.zipzip 82b888a58d6449fa57a87c90f625b1d3ad3ee468dcfd943a9148e31f9d47e07bVirustotal results 20.00% 
2023-06-02document_A425_Jun_2.zipzip 865cc3d789ca5277670bbefb897486bb5979936ba7289427b2241a753c07570fVirustotal results 17.74% 
2023-06-02document_D518_Jun_2.zipzip d2a1011d3f135644bb469ecff73ca9a00afbdee5aa2f3eb080c32384ac788031Virustotal results 19.35%