URLhaus Database

You are currently viewing the URLhaus database entry for https://deepthinkmining.com/atut/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2633956
URL:	https://deepthinkmining.com/atut/?1
URL Status:	Offline
Host:	deepthinkmining.com
Date added:	2023-05-16 13:14:39 UTC
Last online:	2023-05-18 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU100116528 created on 2023-05-16 13:15:20 UTC)
Takedown time:	2 days, 8 hours, 12 minutes (down since 2023-05-18 21:27:50 UTC)
Tags:	BB28 geofenced js Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-18	Nyba.js	js	51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4	22.03%
2023-05-18	Ncgfkees.js	js	d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9f	22.03%
2023-05-18	Qmlrcek.js	js	1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffc	13.56%
2023-05-18	Dnglthg.js	js	2c615ec3c1015d9d16eb0996a67ee496f998d8fbd2c769a22221d1049ff8602c	n/a
2023-05-18	Asfpk.js	js	8475cb42b6b2c974e37378cf11491570a83f194a37e5ebbc50add4a5677d6d72	25.42%
2023-05-18	Olvnd.js	js	404e30334a58830297758dd73f2fee67f6ed0ea8c6d7fa501d7eb809925d82fc	32.20%	Quakbot
2023-05-18	Ugwrh.js	js	106ea6e9df2db6267999fa9df4ae5950c1be2de07cbb773cd739bfaa29a806d4	n/a	Quakbot
2023-05-18	Xegn.js	js	a5e07fd19c36096b65281a4da6788fdb724e4cc4be6fae21497a969c1255a622	n/a	Quakbot
2023-05-18	Gixhgijr.js	js	73b1e3fe01be0b7a83d8ac43d397530b110d3ece6e3ff93d424b36d0b7336aa8	26.67%	Quakbot
2023-05-18	Wbocyeps.js	js	98e65224d86b8f3b2be7f45d6b5bc6711e25eba8a298bf06d24ad94bfa8b2089	n/a	Quakbot
2023-05-18	Ouqqs.js	js	d2087d9119d773d88b9ed612b2300de62865eab8a6dfbab02955c20d0bd11582	n/a	Quakbot
2023-05-18	Kzvr.js	js	4422126c61949a9848ddc759de968eb699c5364973a271dc9aac631121591d13	27.12%	Quakbot
2023-05-18	Ltvadmus.js	js	a5ad0d19dd6ae50f16dc5be1921c43a887aba5ab8dae04acbea417a5cd62d61c	26.32%	Quakbot
2023-05-17	Dqudhljn.js	js	2c402bf5ac40a8110c89bcf0f4ccd617ba22f8e8a6ca32d9949461c82540e48a	28.81%	Quakbot
2023-05-17	Rfdbmhg.js	js	d67719607166b2f101544e674067b1d8a66a134620ce0e19794356da09e033eb	n/a	Quakbot
2023-05-17	Cmss.js	js	b267e2261f79527d447d6a639751fcabcf68f9640e62a3c3106b4f750cb07b66	32.76%	Quakbot
2023-05-17	Usfvcp.js	js	ed4b4009ba340ee9369058f34b9f50d2cb0057933fa2033412123538dd6093ec	n/a	Quakbot
2023-05-17	Zhxgfvl.js	js	a6974773e37cbd56791b75effa167213997aeaaa65d704bd1de8aac6d9dd42ce	30.51%	Quakbot
2023-05-17	Ulztn.js	js	3bb38fa6f98d4d9251f3db4a5374a212389305ea2079c93ed01408cb473d434d	15.25%	Quakbot
2023-05-17	Almij.js	js	9d55c860ce682edea5933b6e9e441703b00b9880087fafd62ecedabf0665836d	n/a	Quakbot
2023-05-17	Xpkvuoz.js	js	04870d943a4b8708e8d7a023db4693342840f9558879573c5d80b19ac99f7e91	n/a	Quakbot
2023-05-17	Bulzp.js	js	747a613eeb97a114c24116f58e66316096fd13170740ab0d5fe9725d391adee7	n/a
2023-05-17	Gxug.js	js	acfc5c23e4d2b663318079031bda2054c604d9c0ae5edec23382c37cb0b4ee7f	n/a	Quakbot
2023-05-17	Aonlvb.js	js	ab7d9441fe7df7831bd107a4ed17cbd7ecd1fabfa3f71223f72088fbdf14374e	n/a
2023-05-17	Pxvv.js	js	67f355b184c5d4d0b4f7e8993f2d7df5cdda074de5608af9bb27baefbcb06954	n/a
2023-05-17	Swqzjblw.js	js	7c15801b66b3911302bb1032d94994adce06dd58210b0ccc99410b5d8a01bf0f	n/a	Quakbot
2023-05-17	Ymeeddim.js	js	e7632312d3cdb4f45aba481001b0dcb8ecb2f07fc9abbcba9ac4388373433bed	n/a
2023-05-16	Fnfhsopu.js	js	bf2cf8696a8de25dc3259ad28075d40e0f74dd0c017626ea76cb6f652588f364	n/a	Quakbot
2023-05-16	Qmesytvp.js	js	5176d2b67b02f52ea57c5b1b7c1d8288c61c70f41e160ffdcd44a1784772807d	n/a	Quakbot
2023-05-16	Pytvb.js	js	8421e741c47a5cf8bfc115b1d2db065a25a7b44ded0c57b9f3103e45f1389d81	n/a	Quakbot
2023-05-16	Bcyyzcm.js	js	757e5cfb75300af25bac64aa18a4a6532ab6e3681be9d0d3433a7ab39b15c68a	n/a	Quakbot
2023-05-16	Dzqrks.js	js	17559a85f10258d184616663ded4d7b6a334df25e831808e7bc9594591bec705	n/a
2023-05-16	Dorsrxid.js	js	2568f47d4eb9628aba626d8e240d65403d429e9bffe3c7f7918ae026d45d101f	n/a	Quakbot
2023-05-16	Oahs.js	js	6fa4ddba06d81f5e0063348612d029d75d4ebcd22d40cc3d9658e960bc7dfa06	n/a	Quakbot