URLhaus Database

You are currently viewing the URLhaus database entry for https://klimabilgisi.com/op/?1, which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2633557
URL: https://klimabilgisi.com/op/?1
URL Status: Offline
Host: klimabilgisi.com
Date added: 2023-05-16 11:25:17 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 11:26:32 UTC to abuse{at}godaddy[dot]com)
Takedown time: 2 days, 9 hours, 47 minutes; Poor (down since 2023-05-18 21:14:12 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
