URLhaus Database

You are currently viewing the URLhaus database entry for https://heplahinfectioncleanser.com/iuet/?1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2633624
URL: https://heplahinfectioncleanser.com/iuet/?1
URL Status: Offline
Host: heplahinfectioncleanser.com
Date added: 2023-05-16 11:25:38 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 11:27:38 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 2 days, 10 hours, 5 minutes, rated Poor (down since 2023-05-18 21:32:41 UTC)
Tags: BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
