URLhaus Database

You are currently viewing the URLhaus database entry for https://rajamxwin88.com/tu/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2633991
URL: https://rajamxwin88.com/tu/?1
URL Status: Offline
Host: rajamxwin88.com
Date added: 2023-05-16 13:14:48 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-17 14:48:08 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 2 days, 8 hours, 51 minutes (Poor; down since 2023-05-18 22:06:55 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
