URLhaus Database

You are currently viewing the URLhaus database entry for https://therognews.com/sm/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633976
URL: https://therognews.com/sm/?1
URL Status:Offline
Host: therognews.com
Date added:2023-05-16 13:14:45 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:15:45 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 7 hours, 49 minutes Poor (down since 2023-05-18 21:05:37 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Dyjemvvm.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Wnovfpeh.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Oakcfulj.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780n/a 
2023-05-18Sdwpq.jsjs 9898858b1809b1511e09fbef76498bfa2d39365eb70958ac81ba4a0263c6e209n/a Quakbot
2023-05-18Gvvidhxm.jsjs 9f83e5346339db98db754ee60a6d9de3db2ecaf650f4590c2a11ad9e484c46a2n/a Quakbot
2023-05-18Kyswyevl.jsjs f44e30ffb57afcf688c00896ca7384786ee3ede05210094b66c6d9d6c83675e9Virustotal results 18.52% Quakbot
2023-05-18Dtpt.jsjs 4cfd3cea6e5aacf340993648b46bbd6628953021cc5148be665b68de39755e98Virustotal results 27.12% 
2023-05-18Mywg.jsjs 983c9fb0828b90c43eda528aaf767c2c7d4b71d59b86ad0d04461db11d91794bVirustotal results 30.51% 
2023-05-18Wvdej.jsjs bcf9e05bff1a4453dbe187a142eddb6857e41bbaf3869f7ddc598b6ddca0d276Virustotal results 26.32% 
2023-05-18Rfzejyrn.jsjs 0c72f8db70d3f144ec7cb21515e337377b9aa689dad88dfbf1720634c8b70453Virustotal results 30.51% Quakbot
2023-05-18Zqpk.jsjs 6cc345a8ad3df8d8da07821f31095f9c217201e0065038c5bb7e15aae14a9035n/a 
2023-05-17Ipfgkni.jsjs 36fa7b7d4e7fc7c9366c2fa6533c47fd96cdc2d9a6f2c3a9025fc4271c5d4c18Virustotal results 24.14% Quakbot
2023-05-17Kbeze.jsjs 34e3acc0e6ab649f51c734598559914d2597cbd6d5a224f09da4ccb7ccbd769dVirustotal results 35.09% Quakbot
2023-05-17Kzvw.jsjs dc0d873178c61dae13dac14d65611d4716e9c28ebfa216e32126dbdd1ac971ben/a Quakbot
2023-05-17Nmsnt.jsjs dc776fb044bb27e20a16f383ecdaa44a67be283f4902ddd48f1f6cffd24d036cn/a Quakbot
2023-05-17Aszenhqi.jsjs 13efaa86942839a33c87960d6b95861ace793c07390276ffb3d9329cfeb07034n/a 
2023-05-17Fnvs.jsjs 3a16d7765c95e4f1c085fb18814d67ba3d65e6bf93e38d064ef74c1f9d15ac83n/a Quakbot
2023-05-17Zhkpep.jsjs 2805dc9f718f68c7daf0cae2b00b6ed8bd0a6e3a957fcf340055a17cc4ef7ef9n/a GuLoader
2023-05-17Crtq.jsjs 850034fbc3909e56b8ba09e68020fc3357fc784c82a7e417a8b439f7b4498dd7n/a Quakbot
2023-05-17Ijslye.jsjs a88c97d81236466c69aeec64f2b827dbef28aaeb543e52935cdffb6a73a993afn/a 
2023-05-17Uduyed.jsjs 98c8a3359f965d63cff0dd2c97663df2aff97f283519df4b902149b69a776b84n/a 
2023-05-17Bhmdaco.jsjs 974255ddd18c03c121f16d120efac22ba6374646f8b6f46238586afbac399282n/a Quakbot
2023-05-17Fmcemupu.jsjs efbd1739d1baca14056e9a5d2f85355db9eda00cf16ad0df1d579ceba260fe27n/a Quakbot
2023-05-17Nfei.jsjs e432aad196746efb30c81b89c9cd60eed632e50d42f2aa7927172ba326681eebn/a Quakbot
2023-05-17Iutsclyp.jsjs 38b4fef430f0c1f45952f6b19b6626ea0dfaf45a76917976d105acbc41e743d3n/a Quakbot
2023-05-16Aklvlo.jsjs 3c0e4e8882ca669f263353898b0d44e16e8bff6dcf4df6cc19b59b79de62fe58n/a Quakbot
2023-05-16Zorsc.jsjs 1aa9c76ab8e1a0952ce39d0d39fdf7f1caefef661805c19aec78d85133d326b8n/a Quakbot
2023-05-16Bqkby.jsjs 0bc8912f20482cd1ef5d6f7bc4441e90a3ad7dc5967f2ae9a189dffc8f81a514n/a Quakbot
2023-05-16Qsxvtzgn.jsjs 0cf5bec972969f1ddf3cf01ed0e896249542c66c300524f5202846a8e02ae9a1n/a Quakbot
2023-05-16Ilhefa.jsjs 40c9633e7be2530892fb07da7feb39929eb1ac37def2cc1a499d8002d768118dn/a Quakbot
2023-05-16Aicvu.jsjs 998933947f1b3dec68405db58b31de2d0a203da9339071ff71d5db56e859ac95n/a Quakbot
2023-05-16Cswrjh.jsjs 86f516c05fae66054cc8ae696f40a083a430b8d693867f04eec1a910f9d476fbn/a Quakbot
2023-05-16Qypassvv.jsjs e9b8620ac1a1b61824bb5bb82172b3159215aaee134bb1510023f4ff9979c022n/a Quakbot