URLhaus Database

You are currently viewing the URLhaus database entry for https://malpanipipes.com/nev/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2629154
URL: https://malpanipipes.com/nev/
URL Status:Offline
Host: malpanipipes.com
Date added:2023-05-10 17:14:12 UTC
Last online:2023-05-13 05:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-10 17:16:53 UTC to rajat{at}emaxglobal[dot]com)
Takedown time:2 days, 12 hours, 18 minutes Poor (down since 2023-05-13 05:35:22 UTC)
Tags:BB27 geofenced js Qakbot link qbot link Quakbot link TR USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-12Qiwduki.jsjs c175654d426c7c9363f4104de15c9bf890b24ce65d0bf9d4ece86c14caeb51adn/a Quakbot
2023-05-12Ugwgn.jsjs f64974f1d6b7d09de1f975fd0252e442233a3facc7af071e6eb8a84e48fe3ecfn/a Quakbot
2023-05-11Yjintwyb.jsjs 83b75b6cc83bf2dca4e195fad8179536d30c4a3259aa571ec0f83cf418a310e2n/a Quakbot
2023-05-11Yqdse.jsjs 6b52589cdc81313c3148f5aa35552b9abda8d8d2ad80888bbb5ead4eded5454cn/a Quakbot
2023-05-10Exmyl.jsjs 1535765cd20fbdd66de3093c750c92b1d55e0ec3279acaa05408702f5f7330abn/a Quakbot
2023-05-10Pgey.jsjs c56572d9af0d02b8751ad9a7185a109b7fa5c246687ad2af5d33ba00e1f9394an/a