URLhaus Database

You are currently viewing the URLhaus database entry for https://advantagemsolutions.com/um/?1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2633709
URL: https://advantagemsolutions.com/um/?1
URL Status: Offline
Host: advantagemsolutions.com
Date added: 2023-05-16 11:26:00 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU100116417 created on 2023-05-16 11:26:16 UTC)
Takedown time: 2 days, 11 hours, 12 minutes, rated Poor (down since 2023-05-18 22:38:31 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
