URLhaus Database

You are currently viewing the URLhaus database entry for https://21squaremilemarketing.com/tu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633856
URL: https://21squaremilemarketing.com/tu/?1
URL Status:Offline
Host: 21squaremilemarketing.com
Date added:2023-05-16 13:14:13 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:15:34 UTC to abuse{at}cloudflare[dot]com)
Takedown time:2 days, 8 hours, 17 minutes Poor (down since 2023-05-18 21:32:42 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Tnekgav.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Wmqgv.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Huacawe.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Tafhswx.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 24.56% 
2023-05-18Ujhl.jsjs 91be0e3bf15d02163c2344685d9d0ac26c59bafc52dc0d476098608a63ea0417n/a 
2023-05-18Byzeqzbk.jsjs 5b03a98354c24b442061c45caca4e261ba88fe1d68187bd4c44f84773d562a6dVirustotal results 22.64% Quakbot
2023-05-18Gtzkqh.jsjs 4a224a82cefc07c64c7c22363f17593d43b9ab03d82d39624000798d29cd331en/a 
2023-05-18Ojoa.jsjs 5155a314d6e44ed6eb4d65e80d368d8bcd4e8674e293bce8d712b03395d22f6fVirustotal results 11.86% Quakbot
2023-05-18Dkoifdmt.jsjs 0ae16f66866567a01f4af47c0c7b2e49d1e54eba4e457b2de97f88c48016cedcVirustotal results 30.51% Quakbot
2023-05-18Lbxld.jsjs 17c3055ce856c6ee8bbfdfa36ea81dedf3d495e3aa418145fea73358747d4cd0Virustotal results 25.86% 
2023-05-18Rjjnxmsq.jsjs 66a44d6ecc0bff8550c4f8fd93b40851e019bac6297339dd180d268ed9bba451n/a 
2023-05-18Nffndag.jsjs 16e669d4d5391d00940846a4f52891c84d175cd3dabd4f776ef0b2b352c4f2c2n/a Quakbot
2023-05-18Ownkslb.jsjs f65cfd45df99f110dd5e24acdcb4a032a333c2d5f289d2867feb0d7fc6aa1960n/a Quakbot
2023-05-17Jvfdcsb.jsjs c1b685d3448c37f78c922a2a19a51272e6cba29bcc9f50ae1266bc064074f257Virustotal results 16.95% Quakbot
2023-05-17Rjsrju.jsjs 2936b6742f1d05f0f4625a1582b4bb5e44cf16340984eb0eaf2118709e5f7933Virustotal results 30.00% 
2023-05-17Dpiuy.jsjs 4aa5f66645ca2168af894232b630df6e88077c51f4fa33cbe2efd094e057fd02n/a 
2023-05-17Xlpr.jsjs 7f96290dff45385bfd8340f07e433e56831a66a593d5472a2ef8da6d665f355bn/a Quakbot
2023-05-17Eincr.jsjs bcf9e05bff1a4453dbe187a142eddb6857e41bbaf3869f7ddc598b6ddca0d276Virustotal results 26.32% 
2023-05-17Rcsx.jsjs 53182e2434b52d11490f911c908c6c23755d667fca1a03ac5d4be2cc9b0cd61dVirustotal results 23.73% Quakbot
2023-05-17Ymeoe.jsjs f865f1501145c736f9f72ffa6b3431effc20f094261818dfc60ace530d2aacebn/a Quakbot
2023-05-17Gigrnhc.jsjs b2daf4b78f814a0fdf86fb6f41afd1610891534772fa3e82dbb51806cae2b978n/a Quakbot
2023-05-17Knryt.jsjs 45d741d67119d8cc3f360752bfd581753149fd4991c63722af4276324160828an/a Quakbot
2023-05-17Hnwrxr.jsjs cb4aa9cab1734dc0b19910e04c2eacf00d1ea6ea40a7d2e5ac63e4d9b495236bn/a Quakbot
2023-05-17Phnudgkx.jsjs a8f1e213bc0a423da5bb78768e750d5fcb14652f2a864299a9931b42600e1c52n/a 
2023-05-17Cfjvqr.jsjs 634fe4dc656e7978ae9a45db60a011cd71589ff237b557c7860253e57ff21c29n/a 
2023-05-17Aattpcx.jsjs 3f606347060dcc67c7e40b73ee3ac78e6afa35c3f5111b3e76541df644312bc6n/a Quakbot
2023-05-16Ykzpvpti.jsjs a6ab1ae64f2721e8b0f78b8aa59ff3976b97cc8afe5f1e5a8a1f774cbe2d0e76n/a Quakbot
2023-05-16Vxbvaabe.jsjs 2494521d684ee56aa7ba226b3abf937335173134f12dd94d9d5c86bd16fa098bn/a Quakbot
2023-05-16Sgso.jsjs df8d9a8c83261fbca425aed9b02b4cc3a655701a96031f73f94d488bd8283b38n/a Quakbot
2023-05-16Zgxdt.jsjs 233408cd21c0cff5b19b62dc74ba4f6b09f38d9c2ff343ab7ec8dabab66a6e5dn/a Quakbot
2023-05-16Cpkzf.jsjs 51911391d3b7df7041cbda8116d13ebc2d3a41863d0f8c3658f057270e61369fn/a Quakbot
2023-05-16Cfppbc.jsjs 7d4c21dcd13d94856669bcd8f5d53ccd8487b6c70ac4de28ab08ecb5657a1b75n/a Quakbot
2023-05-16Llswdm.jsjs 94ec3c612b658b037dbe4bd44910a382dd39afab10ae642c11e02505c89f02e7n/a Quakbot
2023-05-16Khfp.jsjs 20e3df54881274c7e0ce319b29e4b732c56cab81a8863c8d8b58571f8636da48n/a