URLhaus Database

You are currently viewing the URLhaus database entry for https://autobom.org/eao/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2629029
URL: https://autobom.org/eao/
URL Status:Offline
Host: autobom.org
Date added:2023-05-10 17:11:16 UTC
Last online:2023-05-13 05:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-10 17:12:44 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:2 days, 12 hours, 8 minutes Poor (down since 2023-05-13 05:21:18 UTC)
Tags:BB27 geofenced js Qakbot link qbot link Quakbot link TR USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-12Nqcfszrt.jsjs 941c6bfa170aacfd3fbe34bd047c3b35c29fc003c807b8391901be93d370159en/a Quakbot
2023-05-12Uhvatbd.jsjs 3ad1061c90e8e5aa9b6079e9710738a8bce951bdb2aafb2ef22ec63d9b7a7553n/a Quakbot
2023-05-11Awbd.jsjs ab8f7e086f94e630a1f6884d90fa41a47ab305f7a6ac6e79df4cbb8de714f3dbn/a Quakbot
2023-05-11Meqru.jsjs 00a46a0ce8c077a0b7f2aea1420a0428cbda9d4ab9fc1d9b7d52dae2b08539a2n/a Quakbot
2023-05-10Lzpyegz.jsjs 2d3469a264db93edf3c2aff83a65291ca01804d2855c5200f38821d63b295412n/a 
2023-05-10Nvsjppqn.jsjs 7816cc43aea26052c5dfe2800051f06873b8dc29311a6441eef25d50d37b8181n/a Quakbot