URLhaus Database

You are currently viewing the URLhaus database entry for https://ninetofab.com/iu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2632627
URL: https://ninetofab.com/iu/?1
URL Status:Offline
Host: ninetofab.com
Date added:2023-05-15 15:14:34 UTC
Last online:2023-05-17 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100115899 created on 2023-05-15 15:15:14 UTC)
Takedown time:2 days, 7 hours, 5 minutes Poor (down since 2023-05-17 22:21:10 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-17Ljjs.jsjs 2570cf55120f499263bb8841172328a59101385bd1804bb919458e9bf167319bVirustotal results 25.86% Quakbot
2023-05-17Ptbtaccu.jsjs 176082ec2166a938b76477a4d42d940987b38d787c43628c9e17e75057338dc2Virustotal results 10.17% Quakbot
2023-05-17Kcwlms.jsjs 5382511d86a2d24fb5f8fcb921bbfd21b64b9c071494bcfd096e738c2464ebdfVirustotal results 26.32% Quakbot
2023-05-17Druwa.jsjs bf6a2013ee6092e2d291a06d2f69e617b318a1e842a0d559b91fa1b8f8ea1a1dVirustotal results 25.42% Quakbot
2023-05-17Xiip.jsjs 19add01de5eb9fa85d7bed9badc8daf24f0083faf06b7eaecd8b1efb21be5428Virustotal results 25.42% Quakbot
2023-05-17Ygutz.jsjs 5cf5a460458dbbeb9dc56a1055cc11cf9105c55fae9b828a1884c3899001033en/a 
2023-05-17Jnksmsg.jsjs 504bafbd49416bdd0ee226e61b560555aa5a9b26c6bb9808cdb4ca469c27e9cen/a 
2023-05-17Nwutua.jsjs 75d5e3518f3b3b824b28712189930737693208a325103fbbfe50b48d854536a5n/a Quakbot
2023-05-17Xxvxsnaq.jsjs 3552093d08c9be95058dd1c70786d5b962eb2e63af12d7cbaebf7807c4847cf9n/a Quakbot
2023-05-17Whkhn.jsjs f137046fccc0dc7d24de1c770707536397614822e69e977ab44a757e593b194en/a Quakbot
2023-05-17Jcxtfy.jsjs 433a851631137d5c12512a2395a48c341710cf122eca5a14968242c0e426fbcfn/a Quakbot
2023-05-17Cmxtnuik.jsjs 73df12493579560d50a2df977bb97041a4e4a2d16110e884e3292701a078a4d4n/a Quakbot
2023-05-17Srsos.jsjs 390cc93e6a9214bc7423275a01a0167865eed6435cbbb7c989ff957d1f4b115cn/a Quakbot
2023-05-17Keiyeqo.jsjs 5df5771a288c892dd6683828c83d44312889dc8085ef54ad64991f0470b477fdn/a Quakbot
2023-05-16Phdj.jsjs 8cdc5d0b2ac97b90d4ccdd59ef92c670ceb75abd0dcb3e3d391c6ba22b23cdadn/a Quakbot
2023-05-16Szpt.jsjs 52e639b42bd8a5ea7c9cf65b5b96a863c8c9d29afe225761df7c72d75139d20cn/a Quakbot
2023-05-16Ylrl.jsjs 927698eec82eb49fea9f12ccaec67b0eb634c3846a46d5ef9a13c1764971ca29n/a Quakbot
2023-05-16Wuilo.jsjs b04f1b3801b57c732aff2942bd4ec416aed282f4776140705c67e8a5d7f85b1dn/a Quakbot
2023-05-16Gwrbdo.jsjs a1fd7aef6bbe4403253a7e6196eab2e770f67ab220b2a466ad8a2aeeeaeda3een/a Quakbot
2023-05-16Kfoopdp.jsjs e471e476375860e3c0677946ec7d0ecb230a3e5fdfb473a3c1be35222b8997d7n/a Quakbot
2023-05-16Lxgl.jsjs 37a93e5e4b5a99bc8cc00f6d940d5e6f85cd77828bc8d566ff673f003c8c4746n/a 
2023-05-16Oymgiar.jsjs 2bd07a3a16597b89bd7fe9bcca94254a58fe19852e2ae25d04ef125c369ef584n/a Quakbot
2023-05-16Tijky.jsjs be8ded194bbd2ab6f160ddedf3740a7b2950630659e2728d546375c84ea25bf4n/a 
2023-05-16Xuqc.jsjs ffcf2dc3bc111fd7e0fcce3da45e243e278ff93b2ff2bb5a04578d59470afe54n/a Quakbot
2023-05-16Vxypw.jsjs a779364c7325bbef1e0a5584e7601ec0717fb839325953699ffad38085c340fen/a Quakbot
2023-05-16Nvbn.jsjs 9ed0cff5f706a1256bfc7f14d4a6a52de70b8e316d3bf472d966a5646ed17a26n/a Quakbot
2023-05-16Bhdqskea.jsjs 8e3138beedfea340fbddc54d0c03e71f91fe5b4cf4eba8818f74165143fbed6dn/a Quakbot
2023-05-16Pcvcxhjk.jsjs 025f511fb4f5d2303fd96f86428e57d5546d58740e52f90bc2d8492bbaa79ba1n/a Quakbot
2023-05-15Gsos.jsjs fa8013057aec665c6b5824a54a113ef68ea0cd528d89392373f6b2c37dd842ben/a 
2023-05-15Iofr.jsjs eedce360fd255900dbaf4b6971171ced7fbcd2db33e8b241fedaecd57661cb6dn/a Quakbot
2023-05-15Omyn.jsjs 9c7e9f67b4927ef4afdb65da1d2493583195a5b0c9afb0c1dadb52ef30ee9ac1n/a Quakbot
2023-05-15Uemg.jsjs 79d70cb00489befe4a4a105e1f0212b662672a0d0b43dc8bd88257887a06e8fbn/a Quakbot
2023-05-15Xcgbl.jsjs 194acc51aef1190545385eecfcd14febdb69b86870ea0568968492adb42b3194n/a Quakbot