URLhaus Database

You are currently viewing the URLhaus database entry for https://rapidefollowers.com/uaut/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2633928
URL:	https://rapidefollowers.com/uaut/?1
URL Status:	Offline
Host:	rapidefollowers.com
Date added:	2023-05-16 13:14:32 UTC
Last online:	2023-05-18 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-16 13:16:37 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:	2 days, 8 hours, 10 minutes (down since 2023-05-18 21:26:37 UTC)
Tags:	BB28 geofenced js Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-18	Lppuamx.js	js	d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182e	22.03%
2023-05-18	Yqjuyrv.js	js	6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59d	28.81%
2023-05-18	Lqfjoub.js	js	51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4	22.03%
2023-05-18	Mqde.js	js	d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37a	23.73%
2023-05-18	Zhdpmoy.js	js	215820e48ebfa9dbcba7260a2176ccbb21df119cff17a8389f165811c8e3664b	31.03%	Quakbot
2023-05-18	Etydu.js	js	112fb3f4fda57d58405f842081f111d4f583c40ece7f17fd6805832360da7072	28.07%	Quakbot
2023-05-18	Grxbqk.js	js	f7141b5e0f8768e0c1d39b6da886c311b1ba7a4a1db8d4efe2c936270bc2f0c8	27.12%
2023-05-18	Rxoadazv.js	js	e21d7ce5a24617b4a823482fea8b703cee1f434028f5ee807b3d77bcb4197988	14.29%	Quakbot
2023-05-18	Pjqontoy.js	js	ccdc371fa95a2dc8192ecf73826f489942857addced0e8ce4b9aa969aa98381e	n/a	Quakbot
2023-05-18	Aeoz.js	js	b0be9915846a032654d7a5cdc2488d13fd892ca71f707d67ef917a7ed79bd43f	n/a
2023-05-18	Rfcaeoz.js	js	569b94ae6e9101918add0cbef52c7d0516b8faf8e79f3273d7d102982c544c18	22.41%	Quakbot
2023-05-18	Togqfr.js	js	07903a989b7e8631bdf7709c9f662e13388037ed84e2a225ce9707ff6d5679a7	n/a	Quakbot
2023-05-18	Gfmue.js	js	d3174d21c0af8584eb01c73536a3c50de953ccf9c1486afb0e38c63e608d5342	29.31%	Quakbot
2023-05-17	Tiwpsv.js	js	0727eef30bd3d52541c3e05de818415c77f77ce68db06ea425431972136cf8c7	32.20%	Quakbot
2023-05-17	Dtmsh.js	js	27544c60ff36a51e0dae2573402a63de5c6ae28c1c7160377a0d3787272d74bb	n/a	Quakbot
2023-05-17	Wxyvw.js	js	17dcb0baeee21444da6b254c7dcd1d98989c6a0c089b8d79530a2c2a83dc34d3	n/a
2023-05-17	Vdfg.js	js	e50fb972f8f78042286895b6d869daf014f5e8082e3c3989ca853daee780a6aa	n/a	Quakbot
2023-05-17	Zppl.js	js	efc10c85b0f60f774980c7250e0358ab61ded2a4d2f8fed854bf14d05af6908e	n/a	Quakbot
2023-05-17	Othkjjvd.js	js	7f2be16fe7cc7d8502ae20c7169578e1f795f15ed0f88cbe7c8a98ab4585d012	n/a	Quakbot
2023-05-17	Meemk.js	js	403516fd88c6e48a70d5ab2c1e966024e8e46c5403dcaa8dbb3b56774715cf30	n/a	Quakbot
2023-05-17	Zvcrb.js	js	10c5f51f0191778e67ccbd8f9284cf395bda74468016ddb95cd0f3fdb7ca40ca	n/a	Quakbot
2023-05-17	Rhvcbm.js	js	436e344c451062baf704829eb66a15f2e68efc6ef3ab0bcc55c8ccd30c81dac7	n/a
2023-05-17	Jihh.js	js	915f72172098d98e1e02c5248db92e96d9d2ba36deb2adc5c3658d815a1cc5fa	n/a	Quakbot
2023-05-17	Rgbgjkul.js	js	38149a98f472b135c5ad206d86e67b427f7f3ff14079e6fcfa52ff32372086f2	n/a	Quakbot
2023-05-17	Mbpefgyi.js	js	118e0c86ca42180ef19a5e2548f4d3e78b147ca7fa5c47173cf99abc01aeb575	n/a
2023-05-17	Jbvliw.js	js	61561756d62e295fe42d1406d59d40fdb0d08714791cc4c617e14044a82f2a6f	n/a	Quakbot
2023-05-17	Wjidtmvn.js	js	862c4742c90190cc14d1e7b7dd006157d2435c1fdea3f3c5696f158bac4ba8c3	n/a	Quakbot
2023-05-16	Jihv.js	js	e22a62892b940097e6874133c0d96beda6cf6ff52a8aeb2a351df19929d22586	n/a	Quakbot
2023-05-16	Mwfhrki.js	js	783d410a78c45e719ff53c70798d2f4a2b51e40599853583057cc8af34fb99e2	n/a
2023-05-16	Ejfwsyt.js	js	13a49dd04be1ce8125dd6019e334658231168d0c84f8be041b30e6c1094417c8	n/a	Quakbot
2023-05-16	Wnknjw.js	js	cdfce8e07ee1a4fe1fa508e748a52f006529358df30eb192e80bc51d2a19cccb	n/a	Quakbot
2023-05-16	Dvioxjvi.js	js	e0272f61fb7969129c3f1aa338ba2b57a2c4b12d7fe1a13e719f1e00b463ce44	n/a	Quakbot
2023-05-16	Tdvxxb.js	js	3a715c08a4bab4ae4a13e057838afa90506bba3667a02e4dce9f3f3ff5abaf3a	n/a	Quakbot
2023-05-16	Qexboiv.js	js	816b1b8026b0efc746a2d063567c3188805b54cf8a8b7c5b541a216a44cc8919	n/a	Quakbot