URLhaus Database

You are currently viewing the URLhaus database entry for https://kapuas88medan.com/it/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2633610
URL: https://kapuas88medan.com/it/?1
URL Status: Offline
Host: kapuas88medan.com
Date added: 2023-05-16 11:25:34 UTC
Last online: 2023-05-18 06:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-17 07:05:11 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 2 days, 9 hours, 48 minutes, Poor (down since 2023-05-18 21:15:23 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
