URLhaus Database

You are currently viewing the URLhaus database entry for https://sirinatureroost.com/tu/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2632620
URL: https://sirinatureroost.com/tu/?1
URL Status: Offline
Host: sirinatureroost.com
Date added: 2023-05-15 15:14:32 UTC
Last online: 2023-05-17 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU100115898 created on 2023-05-15 15:15:13 UTC)
Takedown time: 2 days, 6 hours, 45 minutes (Poor; down since 2023-05-17 22:01:07 UTC)
Tags: BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
