URLhaus Database

You are currently viewing the URLhaus database entry for http://www.openbookingapp.com/aquqz/v1/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	437706
URL:	http://www.openbookingapp.com/aquqz/v1/
URL Status:	Offline
Host:	www.openbookingapp.com
Date added:	2020-08-20 22:39:18 UTC
Last online:	2020-08-21 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-20 22:40:04 UTC to abuse{at}publicdomainregistry[dot]com)
Takedown time:	14 hours, 32 minutes (down since 2020-08-21 13:12:46 UTC)
Tags:	emotet epoch1 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-21	SagjS7HzGqcn.exe	exe	a540dd28b65a0f8cd1a3a888f8a5f253857a2031eff9be89cfeda5a4a6b0a1b1	n/a	Heodo
2020-08-21	niizAz7TbkSMw.exe	exe	a259e59da4152c8948d714015dda68f4891420ed9c6652e8c00fc26d535327ef	n/a	Heodo
2020-08-21	Uf6LC.exe	exe	223cffbaf63477701f2b1a52cfd936834ae3f5911d669d08a3e38ae53dfd4022	n/a	Heodo
2020-08-21	zgdc5rj2TBhxZf.exe	exe	872e2fc15243c8647087a9d61d1d90dc9332623500c64af1c5499e680f1b3c15	n/a	Heodo
2020-08-21	CD53VMlEzcBqSH.exe	exe	251f3c6ae7a0284c5ca152f741db066f5221c58308359d8aab498b8614ee49d5	n/a	Heodo
2020-08-21	4fdYc4ZCiv63BNw.exe	exe	56477b899e3013c0e419f2c72bf151b703309ca167db568236bc90a9c9635a0e	n/a	Heodo
2020-08-21	VZdoi84iZU6vNc6.exe	exe	5032e47c57ea5b628b8e51b929de2f95f32ca82355428b114a9ab5f1671854fc	n/a	Heodo
2020-08-21	IXBGeNj7KmdM5MRx.exe	exe	cbdb5bae4e0681c4c3b313c75e55b27ce865286af5e20a12b7715b9156ca1c97	n/a	Heodo
2020-08-21	y9AByYot9eXVWG3.exe	exe	aa07a9a8416983525f6e42eb2fd183ba190c08db57245a0f40cb8fca929fa20d	n/a	Heodo
2020-08-21	kObKpw67n7SyY00NKZbsL.exe	exe	47348ec3a6c95c112b99c8c49616b7a0225a2c9b290742820530379ca04c31a2	n/a	Heodo
2020-08-21	B2nDDxqlgx.exe	exe	104b514cab8e703aba99c5795155d5027fa3474dbf11edb849ab8f5da28df756	n/a	Heodo
2020-08-21	ppidpINpHWowXue.exe	exe	9f24095b5ac2ed60a3501dceb505ad51691568f2be033a10a93f8dfcf4c32053	n/a	Heodo
2020-08-21	6fwj.exe	exe	4e5689a1eda3d3546d96f0a3fb895e206b97578a0972b818117fe5e905aac675	n/a	Heodo
2020-08-21	G2EPDoqEQ8wvWUDr.exe	exe	9a81b17273d57fc9aeef7e705cd5f5d839be73cb39a05b9720a1eb92dc9095ea	n/a	Heodo
2020-08-21	prXvtlxekFmVpB4duZkJP.exe	exe	bd699b40a3d25ace1b7f93339cc3373d9abbf9e2a25a0034ef92899314e48e3c	n/a	Heodo
2020-08-21	ab8CREHYHrLyKVKQc.exe	exe	d9e3ec6e0ea29065c745730e57488d4748184a1367092bca24d8922f0471975a	n/a	Heodo
2020-08-21	rlKnwK1785GZOaQKui.exe	exe	733ef5bedf2f50cb95e7889e15211d7f11e7692aa906cbbdedf403aaab353d5f	n/a	Heodo
2020-08-21	s2GkCnwROj71D96QhfK.exe	exe	4833820505e5599be0789b30e5849360ba64dc9ab4251c54811e13ff88d84881	n/a	Heodo
2020-08-21	8Zk84FKzzWStrWD.exe	exe	1c639cfdae64a1c7257cc109d314bfbc6bf01e5e6b726e4f5ea92ad293c7ae3d	n/a	Heodo
2020-08-21	1KLgLFRzQV0Vu.exe	exe	03eacd9d32affcd68011b094441cf7af12a8175641e5fc396deb7a84ffab66e3	n/a	Heodo
2020-08-21	4bFOSWYnyPtyuTn7YIz8B.exe	exe	562eff86330ade0b08fc20dbd0f2ee331b0f7ac954e21919256edfc3c3ec457f	n/a	Heodo
2020-08-21	skEt8.exe	exe	f7fa8b5c69743260e429f2aa61a51ed35d0c5f235131c40521218ebc08ef8240	n/a	Heodo
2020-08-21	vd8252JN7j.exe	exe	2d71227966ca1cbf6e96ae81e59082c26a062753b9331627bb0250212d25d799	7.14%	Heodo
2020-08-21	FaR6C4qK24.exe	exe	534d6401b0fd18810569c586fa0a67efd7c98d6b49b0109548669565928d3759	n/a	Heodo
2020-08-21	92343.exe	exe	6dd741614eff8134d9a9eb98fc7be7f33105561ea0476074ee37fce77cf3942c	7.25%	Heodo
2020-08-21	eCFuczuwCAFRSa8JC.exe	exe	5e84b2d7f6f307bb3ffa3d8231087f15217077a6d7364c5f03bb64c230cb3c42	10.29%	Heodo
2020-08-21	XUo6npSj6DS.exe	exe	f82716d4fd2df722fa856b07bda1dac5601df68fbfedf1e7a4865790df4a2583	n/a	Heodo
2020-08-21	sMicfqBIokKUR.exe	exe	0f381cbc1ba67ebf5abc6521b38f16bc9dcb7474cfbdde987c2283ce685290b0	5.80%	Heodo
2020-08-21	mAOaeihhjeaqcUV9PCs.exe	exe	b690c36c08a0aee43be7155f391369d60cf13dc141b684f59631860f9afe5319	n/a	Heodo
2020-08-20	be4kmtg5hB7e31lz43i.exe	exe	4958592fdc63adcdb51006090a2a3b4453db15a8a581f11bcfdee000ff6544cc	n/a	Heodo
2020-08-20	jzyO7P5f.exe	exe	60c41b760cbba983f463b716748668856652885ce25817b14d3602a0f9540133	n/a	Heodo
2020-08-20	ZoILvr5XLd.exe	exe	6622f82392a4c297b6980ebfa2646348f7306f6391672e5f2251978d0f69ca2f	n/a	Heodo
2020-08-20	dX2.exe	exe	97676258b9f0cbd9fdbfeee9e79944f2ff19f74e0327b386dd47f8220633f92c	n/a	Heodo