URLhaus Database

You are currently viewing the URLhaus database entry for https://tagi22.com/qi/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633950
URL: https://tagi22.com/qi/?1
URL Status:Offline
Host: tagi22.com
Date added:2023-05-16 13:14:37 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:16:24 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 9 hours, 39 minutes Poor (down since 2023-05-18 22:56:19 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Ajnc.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Bjyq.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Puphsiw.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Lhtkxjq.jsjs 75fed404e3a2c1427da3c8318a5bb5792719c64c70c7a0167b3850ac24e91fdcn/a 
2023-05-18Npvifknk.jsjs f37d3c915b896922eed07327ecc8b944fcab1445d20c02c26c5aab8d91473b45Virustotal results 25.86%Quakbot
2023-05-18Ktdnh.jsjs 0eb9fa07ffbdae465ca7afa7b68b6b38311315046844cd6ac97c9e3b77d5fe99n/a Quakbot
2023-05-18Megzanw.jsjs 0e713770fa4e2a4f457544637a3e0172325fd23e5f1120cded0547dd2236f70dVirustotal results 15.22% Quakbot
2023-05-18Rzmaalzk.jsjs 09f9e4d8ef85ba407416a7d168207db81c2000eabea300624e17d81f58bd0b18Virustotal results 31.03% Quakbot
2023-05-18Qzcglepx.jsjs b1c5cdb6f87ad0c3aacbf479218ede289571b85d30eb47defef749332b52c806n/a 
2023-05-18Pcchu.jsjs be61952594d1dcb5774683bd939e4e278b596ba069248f2ff16fc39f2351936fVirustotal results 10.34% Quakbot
2023-05-18Brli.jsjs 009f072fec4afeeb62ee51fc61e387113eecca3d907b9784a9e4b79ca0c64ddan/a 
2023-05-18Rxkr.jsjs e05738fc1b53657500ed0ce0448f562aeb6e465927ca8d763f76dc97f3a2150dn/a 
2023-05-18Svwstabk.jsjs f744aaa7347e22e22b0047605341e57c431a9dbcdd028ca5713a221c51107aa1n/a Quakbot
2023-05-17Axruld.jsjs e1210e09ca90b4d9b1cdd3dd947495e7f1666426a71a9032c997d1abcd93f686Virustotal results 27.12% Quakbot
2023-05-17Pwvlh.jsjs 26e8f5245d3928df93af31946f3ff6dcf2291861ef4835e6b23e145cfcf9f8d5n/a 
2023-05-17Ilhud.jsjs 5c57b539392768e2e9e8490f11f6528d81875b4aae44e11319d0a94af50b1f00n/a Quakbot
2023-05-17Dhpwiwcf.jsjs 00662b73e2bd3a971290d1314c7c89f0f6d0d7244ebb8fde1721be20fa50a8daVirustotal results 30.51% 
2023-05-17Nyjrd.jsjs 4a91fb2765da3056fe04bf5254fac9eb72f1fb4f8026845d71ffe672d4daac8cn/a Quakbot
2023-05-17Smoatyeu.jsjs fcdd7c512aa91e5f6574a7c7ab77a118b9e1af5f2e3b502a5adb136508c4ba47n/a Quakbot
2023-05-17Bgzzz.jsjs 3f2b1d4fe71004830b3afc87d735391d7ff0033d3264baf0b9b84903c52c16f4n/a 
2023-05-17Zpqg.jsjs 113d24015780099278a1b4e4afd616f833336a2d151ad0a1adcce4cceaacd600n/a 
2023-05-17Brotgfkz.jsjs c075172132132d23d1480c84f103a6eb9551be6e3f7df67ce12a5486632c95f9n/a Quakbot
2023-05-17Ftyhfl.jsjs 6b96618f359f10e99fcf9928c25956839819ff75a943241a243590efd94f3163n/a Quakbot
2023-05-17Qphv.jsjs 4f6bc9978a7cdc75a74517ff0e4001c1167eeed5b84087234f240ac2978b50c5n/a 
2023-05-17Cnaioncq.jsjs 5c3a472244417c59602dd948732a8efdd278ebba29628c69de7a92522e110e5an/a 
2023-05-17Rsdrtlb.jsjs 2b133b1afd9bffe0b1c3471193cba6a749997830459cb7fc63a0d73c0928cdd4n/a Quakbot
2023-05-17Ydbjql.jsjs 485278c1570bfa177d02b471454159ed48466816b30534e8c42ce400ac81fef9n/a Quakbot
2023-05-17Wdogdlg.jsjs bdde4e688408562fa355f8d9168653f83ffbb5b4844ed34d2ffaafb361819023n/a Quakbot
2023-05-16Ylpp.jsjs 339a7bebcad8015ad93744f948b14362e85972586d5500e8d1aed7d397a64189n/a Quakbot
2023-05-16Wosun.jsjs fe881e863a510ade74a3c066f543ed8da6ec273138ad0303f47aac0b545c3081n/a Quakbot
2023-05-16Iszdqsa.jsjs 406e2d37beb1ab1254a0f22ec3ef6418ea4cf75ab9431763b8e1198bfc2fcf18n/a Quakbot
2023-05-16Lzzqpyj.jsjs 584b905e43c00d32a76484b9c6b3ff26a80d95a6373a51301facb20cb8d4ec25n/a Quakbot
2023-05-16Bzvfiakm.jsjs 35224b45f07bbedbaf508c26a3ff641e61a1ce900985987fd5a832080b570359n/a Quakbot
2023-05-16Hgwkrpyn.jsjs 9639c8797b3595a1e64dc80ec4079d6485dd7d8f95c5bd5a34b459436e637df6n/a Quakbot