URLhaus Database

You are currently viewing the URLhaus database entry for https://nutrivalegastronomia.com.br/pn/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2659396
URL:	https://nutrivalegastronomia.com.br/pn/
URL Status:	Offline
Host:	nutrivalegastronomia.com.br
Date added:	2023-06-13 17:52:29 UTC
Last online:	2023-06-15 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-06-13 17:54:16 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:	1 day, 22 hours, 20 minutes (down since 2023-06-15 16:14:50 UTC)
Tags:	BB32 geofenced js Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-15	document_CF024_Jun_15.zip	zip	7048e8c33589d857f431478e25dda8f427ec2fc27e396e6c70cd11a8f4f58f81	6.45%	Quakbot
2023-06-15	document_AC035_Jun_15.zip	zip	20fefa1ac5cad9693ddc98511e64961eba0eeaadb3cc9521b2351f9df988cc29	n/a	Quakbot
2023-06-15	Uwhrrn7Up0XbCA.js	js	b7baa27aaccbc073c4968dda8ccb4f46ff77c4834414ffc023fd0a7ed7e94748	15.52%	Quakbot
2023-06-15	g49yhaShkaSum.js	js	306b192aaa8fd752e0456f7fc9e1796cab52e85a2984cb8f41b182568812e448	18.64%
2023-06-15	MmXb28zhMwdOo2.js	js	8f3bd4e17689d2b006f8a38efdc9b3adf04820765b4d256ece9afed2936a24b5	28.81%	Quakbot
2023-06-15	2cSue9qQW8ZubR.js	js	3f2ce1fa77ff965d10bce3bea9a68dfa3b4d6be8781cef0921ab92c606f54f21	15.25%	Quakbot
2023-06-15	78KFHlESDL5Y.js	js	2590f18548aec35d2df98ce665fd09c11d1be9a34b6122c3635ecac17238533c	18.64%	Quakbot
2023-06-14	1ssdvIHRhWL42.js	js	e0497594d4269e62a575a5305e1997eba146c899ca6f08ee59c2f6f862564ab7	0.00%	Quakbot
2023-06-14	PHQ0q7bcFtINe.js	js	b0d0104ab53364ae97bfad1cf7d7aa2d0ce16093dd2e27545cd8a7b1e2a03b66	0.00%	Quakbot
2023-06-14	dCJaHI3nz83l.js	js	c86b0d6aca6e60abf1330a5a34d784e00bc6b74e556752ae37fa49a7d96ef49f	n/a	Quakbot
2023-06-14	docu_BA348_Jun_14.zip	zip	2c33e109ba2eeaebe06463320fded9a92d7e052d4f8743fdd8e543ee0c364479	n/a	Quakbot
2023-06-14	0JqQdA8yvxy7t.js	js	9fd3b77d7695ef59f90d70b317d46c19b077ba1cb380dc1e981ae073514af1d6	1.69%	Quakbot
2023-06-14	FXuoxGxnufIOmz.js	js	0065c4b752d4ad2eadca283d889a5df13e6e2182b62e5700a55ae168fbb29b33	0.00%	Quakbot
2023-06-14	e1JX17pDt8UYTk.js	js	95dcc193fb525ee98badcd4cef7d491bb44e80d4c770e638021c50615550d05c	0.00%	Quakbot
2023-06-14	Sjeq7vH8HEmx.js	js	155edabd201cd66924836287c83f653e09c7ced1cbd3af8084eb9bfad9680d0c	15.25%	Quakbot
2023-06-14	Bid1OwAkL90aJ.js	js	eb3ba4b20d30bce05a31ca9780e5f0bc381ae20b8f931ec2429b0382c8cb1d27	0.00%	Quakbot
2023-06-14	ksNQG9YYRS6bQ2.js	js	80182ebbd0226727615a05a922a28ff50f87cda46541fec803d3b07c90a9a142	n/a	Quakbot
2023-06-14	RMdBoYMV4lt8.js	js	af421ce80f44c8aa9ee3baa364b9e4b541e48198fe96894b39f62297eebf1427	0.00%	Quakbot
2023-06-14	Qpc6kNoMf3FZO.js	js	b47346d6ccad24ac4dfd9109016c3c3c9035effb8092e3f7fae79935768f436f	n/a	Quakbot
2023-06-14	Yy7EKlxmkcEj.js	js	2dc927c46ac6cd140d42396e6735b2fd513aceaee58df8abce585028c78d98eb	1.69%	Quakbot
2023-06-13	8qYZb3L0SSRS.js	js	d292e690a899da501ac006d5c0f960cbc8dcd3c667702181c194440eabd87e69	n/a	Quakbot
2023-06-13	pwkY4sF5s8sU.js	js	238902bace1022430ee259967c47d410e80f09b6d8365ddcc324146603f5a522	n/a	Quakbot
2023-06-13	j9U9ng2aC3nk.js	js	91ca0dd484a61948629b7b73ec89c55dd0431ee6bece9ee4d56d54b33dae0a5c	n/a	Quakbot
2023-06-13	SDE6rwvn0gPlmh.js	js	38366372c790cda6ca1c286ae922e290d34fc010d76004b18a9773f165e96b52	15.52%	Quakbot
2023-06-13	UT1hcionG3ul4U.js	js	39812c0ab253e75f4835c0da4cb08db82f3c7954ccfc3d9a989944c1ae295f8e	15.25%	Quakbot
2023-06-13	Iu6ik1xLTFwtw.js	js	4e7ae6670d4cfbf7eb507116ee2fe1dc7ff80eee0f1e442fa9453af1f4466514	n/a	Quakbot