URLhaus Database

You are currently viewing the URLhaus database entry for https://foodfitgym.com/ceu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2633691
URL:	https://foodfitgym.com/ceu/?1
URL Status:	Offline
Host:	foodfitgym.com
Date added:	2023-05-16 11:25:56 UTC
Last online:	2023-05-18 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-16 11:28:34 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 9 hours, 59 minutes (down since 2023-05-18 21:28:22 UTC)
Tags:	BB28 geofenced GuLoader js Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-18	Fejdtj.js	js	bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780	13.56%
2023-05-18	Hcicccv.js	js	6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59d	28.81%
2023-05-18	Cxxbmi.js	js	bdb26c2e638b1386033d0a7e69a77245a946390b65a4cf399a92f323c7912ea4	n/a
2023-05-18	Tstwa.js	js	35a99626b0db91409ed1ac874964033c1490a20549ae611e95fa7f81dbd98d44	n/a	Quakbot
2023-05-18	Ktlhtocg.js	js	34d43862c3788ec764c7fb735ddcfc1f1712a66632a3bf7e8b83cadc98a6faac	n/a	Quakbot
2023-05-18	Khzuamp.js	js	b4bbe3eb6f77c745b1c296728e15c69c6b766df2aa51d6d745ce4e5fee415e06	n/a
2023-05-18	Yvmnsr.js	js	56e1630e4d5a2e6b1c2e4e5494d4f0934129788140e2bb2894da4d50c48ece66	27.12%	Quakbot
2023-05-18	Wrhem.js	js	64b83f23408d2a7227fa4c862e4bafcc65ec650c57113690f264fd64d4b9bfce	27.12%	Quakbot
2023-05-18	Fauvj.js	js	f517f6e7dd7c0f029a72fe25803ac2d5c54c7abcc8e576fbf95cbe6a87759540	28.81%	Quakbot
2023-05-18	Tuypygo.js	js	86f81887bb6051cb0f8b8b3d948a6e4bbff1538e986a71386da56590e614f26a	25.86%	Quakbot
2023-05-18	Vmjyjw.js	js	a581d1bc0926e4888a7d919a2ec529d51e03862bf784ac4cd4333e3df168d239	n/a	Quakbot
2023-05-18	Xfrcdg.js	js	a957652292b9f2b69f858cd1f3221d9c4ae8b165a295b91459fd2bf2eedce715	25.86%	Quakbot
2023-05-17	Aznexv.js	js	b267e2261f79527d447d6a639751fcabcf68f9640e62a3c3106b4f750cb07b66	32.76%	Quakbot
2023-05-17	Ckvdrcn.js	js	576d767be1b5ee880a56263521aef9366435f9ff583a68aebc426d7da2c02e2a	29.82%	Quakbot
2023-05-17	Xuhkmaz.js	js	6be55c4c2824a4cd16aaf9002adae153b6156ce58174febfd162d82dff7ba019	n/a	Quakbot
2023-05-17	Bcvfwupk.js	js	568dbf92f0bf53b20857f863e58e7f82287fe96c9dc066c782f5f82c64287a75	25.00%	GuLoader
2023-05-17	Bdwba.js	js	1ef243d363359aa7c5d8ab0a55ffa52a9302f63a3750df5b8408c99641bb9ab9	n/a	Quakbot
2023-05-17	Bxqlhs.js	js	7e29b555dd10291e663446073640ea5519a3e38a3655264511bf14299c86dccb	n/a	Quakbot
2023-05-17	Ywrees.js	js	0b3324b249fb9e33cb3970056ed6166b271c1f678d65d34cdff6079bbd95f2c5	n/a	Quakbot
2023-05-17	Gxbhw.js	js	918eea9019be2e447512703a21f4bd3c812d0a9a35ede79993abdb416ada6af9	n/a	Quakbot
2023-05-17	Jgfmsn.js	js	0f99cedb052d8a847fc9a7d1c66dfd2c39a4d039bf75244354b584c713775bfe	n/a	Quakbot
2023-05-17	Tbnwrhb.js	js	0d23b9047ff6240a5cb6578acac02e62af7edeee91def5e6768b6af08e419004	n/a	Quakbot
2023-05-17	Kdfj.js	js	a8788415b4f30648e1e4859c8ec059c0458e03a4971e38a0539fde04258a709c	n/a
2023-05-17	Kcpq.js	js	92ba1975f70f2b1b759c0580d1573a389c91002ecc254ccda10e78272bc40a28	n/a	Quakbot
2023-05-17	Uporj.js	js	e68cbb288e95f4c157f64ad7924c617278c9d22627a695e31e608818e4ad9b0c	n/a	Quakbot
2023-05-17	Dfkdg.js	js	c1d24ced1039de4d31efd44a3a6a8bb00d41935eb1864177dc4746dad78b3b52	n/a
2023-05-16	Ewce.js	js	3ff1eeb3f10b5a0eada56283992b851c06e039917b50bc9657775203e8880651	n/a	Quakbot
2023-05-16	Ivfrhcdk.js	js	4af98b799ab4b2103fb5daf942f855afdb56eff25326c4c2226c9286edb38911	n/a	Quakbot
2023-05-16	Zajc.js	js	c068b149465825a9e4dce4994e293f159f8f857fb11fe1aca4d4edd3afba0cb1	n/a	Quakbot
2023-05-16	Niajoax.js	js	8c8013eca3eda73c401eaf9bb717fb8627f4d9c48c4ff064f41dae2a628663f4	n/a	Quakbot
2023-05-16	Zlckq.js	js	63d0ab95d40b31658eae9bfdece1820aa86f88a77ffe738a9df7460f72b6388d	n/a
2023-05-16	Szxfmf.js	js	349e7d0018d971b5401d8e69e6fde36419c2cc893b696357adfc4571bd8c4945	n/a	Quakbot
2023-05-16	Eefjlnb.js	js	6a708a87cf14a08c5460b88434ffaf78b7d24431c0f61b03809a676c15bd41a0	n/a
2023-05-16	Jgcdupm.js	js	c02674fdcfb4d9f7912193ecbc1d1b4402e456148bd2f41d12e61fb3962aabae	n/a	Quakbot