URLhaus Database

You are currently viewing the URLhaus database entry for https://u-portraits.com/ra/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2633689
URL: https://u-portraits.com/ra/?1
URL Status: Offline
Host: u-portraits.com
Date added: 2023-05-16 11:25:55 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 11:28:32 UTC to abuse{at}hostgator[dot]com, eig-net-team{at}endurance[dot]com, jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time: 2 days, 11 hours, 25 minutes; Poor (down since 2023-05-18 22:53:50 UTC)
Tags: BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
