URLhaus Database

You are currently viewing the URLhaus database entry for https://ibtrends.com/tua/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633925
URL: https://ibtrends.com/tua/?1
URL Status:Offline
Host: ibtrends.com
Date added:2023-05-16 13:14:31 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:16:33 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 7 hours, 50 minutes Poor (down since 2023-05-18 21:06:49 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Ztcuj.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Copydnb.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Zkqs.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Xzlhl.jsjs a08e0327dcc53e2012b6fde8dec72bfa350ac7229c1582275761a712280d31fdn/a 
2023-05-18Msot.jsjs 743cf712f367f3c69cc6bfc3a3734a66d19bef6e76aabcc6a8b97c534a3b5557Virustotal results 30.51% Quakbot
2023-05-18Zatsep.jsjs 4f9c04f40501ff342f07c66108d89ffff23f8fa85ac574a2829cd65a757aeacfn/a Quakbot
2023-05-18Xkvpg.jsjs 9b2f8c74295c1bedca1e85a34eca84634c652741d93c24d9c5586926552a77a5Virustotal results 25.42% Quakbot
2023-05-18Ntlvo.jsjs 8323339fe9864a8ae4d4d40aaccb4bf92a9b3ba6b545c2210dec09fb28bf9374Virustotal results 27.12% Quakbot
2023-05-18Hykbaz.jsjs 340674eac99b309a0a10a07f5d961e87788e88c4cc2f218da6cd61ccb196deecVirustotal results 11.86% Quakbot
2023-05-18Nyve.jsjs 576d80e7bad2be3b3f4ddb0ccbe067bceabbc990bb96e11007cc74c2d6ad7bean/a Quakbot
2023-05-18Wixh.jsjs 6c9b5539e5f1f1b4e1d609c95278f2b4bd4386f4efc315a332648f1467d2b94aVirustotal results 23.73% Quakbot
2023-05-18Zhcjdbv.jsjs 6da5adb44a26381ff077fb8a45c8d20a4888393b3fd5733d6fc8ac4519809c94Virustotal results 25.00% Quakbot
2023-05-18Dkeg.jsjs 16e669d4d5391d00940846a4f52891c84d175cd3dabd4f776ef0b2b352c4f2c2n/a Quakbot
2023-05-17Pjeqyef.jsjs fa4e13a9e0315137813bc3fcecc4a2ea7b145377cfb5cdd4d412a5b2256be037Virustotal results 27.12% Quakbot
2023-05-17Anqkfclb.jsjs 88e1c48885e6e3ca5b9336e4c427b393b3ed8d986289d640404abb2cdf869689Virustotal results 22.81% Quakbot
2023-05-17Shszxds.jsjs 64dff88a0434f88beb3fac1ad7fb2945b374f90e6ee2ee7322665681b945e790Virustotal results 30.51% Quakbot
2023-05-17Lacsztsh.jsjs 3f2b1d4fe71004830b3afc87d735391d7ff0033d3264baf0b9b84903c52c16f4Virustotal results 30.51% 
2023-05-17Cdgyn.jsjs 4de2124d922958dc3b36346c1906578b79f12a6388ef771a7f8503c21e30af78n/a Quakbot
2023-05-17Uobdesxv.jsjs f11d7ad43d7a6c6cc716d06a9d41c96156d6ce0dc45d6add8d3039cae526e350n/a 
2023-05-17Dyylvioz.jsjs 935d2fea6488c7d2c6ec2b528f43f43c49b96750bbf21401284b5c42710e8c75n/a Quakbot
2023-05-17Pwryw.jsjs 81379f5334d587dc59728918f2598983ffc518c38c6a9d10a36840c61ce606cbn/a Quakbot
2023-05-17Xumyxd.jsjs b2ec85fc53939353f356b44f36e32ea55ea942830066895ac1075eb30853d988n/a Quakbot
2023-05-17Sssrsof.jsjs 86e892ec8a701c342efa64f87120e19bf6fabebfe8964dbb03690f73cdc05201n/a Quakbot
2023-05-17Nmszyg.jsjs f03c5a8eede90433e58735d3bb951cdbdbf85a8160c38904f73be26c095b9d8en/a Quakbot
2023-05-17Ogogfhlu.jsjs 084e42e407ce6c297865d2569f5d97befa8137c1d65ffe091e97173d1996e596n/a Quakbot
2023-05-17Aikzaseo.jsjs 8588e86d2b136e6ff3d42261bc393afc6948cf7a55cdc48824efcda7b6d5646an/a Quakbot
2023-05-16Ondhqg.jsjs debf3fb6e7acfadd4b5c2fa22869629b275d2015d10cde77904b629bf0ef4102n/a Quakbot
2023-05-16Mwbyr.jsjs 87d1ca5f1d1b4ee095893923d58e4117426a08cb5faa3c9541c9f183c130d5b9n/a 
2023-05-16Ajpa.jsjs f66f7e86570f97e1ae31b3e9f7bfe24fe070b9fd8085327adfa9229129c3b0cdn/a Quakbot
2023-05-16Iiie.jsjs e32976339e9e116ccb461a7b491607e4b46e81fe13f012b6267701f3bfa44d3en/a Quakbot
2023-05-16Gyngood.jsjs a381c68233ac54eb608a1d9f440db5e1ab5ce23929e40cf5159a859286829d78n/a Quakbot
2023-05-16Dgbwu.jsjs 5134aef3c543b4031cc2799c8dba2d11ce17f2319ebf1c42fe7d0adc01728914n/a Quakbot
2023-05-16Magoe.jsjs be9bae02f055a102013c905401a6578bff31ff568b5298a53acf3139c756ee70n/a 
2023-05-16Wvbuga.jsjs d8211123ae70ac32ea4c38166b3982bece852b88348e9ea61629bf4777e0923fn/a Quakbot