URLhaus Database

You are currently viewing the URLhaus database entry for https://sabreworksservices.com/tl/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634034
URL: https://sabreworksservices.com/tl/?1
URL Status:Offline
Host: sabreworksservices.com
Date added:2023-05-16 13:15:00 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:18:25 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 7 hours, 59 minutes Poor (down since 2023-05-18 21:17:34 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Dchbew.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Crrcex.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Qsmqw.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Ugntmh.jsjs 7dac45bbe49dcc33e841c8e4f9b7a294cfb563790807448bb1759e1d38b4684an/a 
2023-05-18Xizso.jsjs ad227c276250c72ebaf4c13e5d960347009d0762b8c2e696a35b36232e0eeff0Virustotal results 27.12% Quakbot
2023-05-18Tllu.jsjs 2878ea27fb0bf41510c5a442c350ea2d31a71ee4c1532dcabf74f79b9aa1b3f4Virustotal results 28.81% Quakbot
2023-05-18Qszrlhbh.jsjs 9fb9192d902b2bec0253263ac7de12696284a3203d04c735faf491c94c94ed32n/a Quakbot
2023-05-18Syuwnhte.jsjs 4657c8d962a15da8cdc6ff3c1ab3d492a89eebdd09249e8d29eea382791500abVirustotal results 28.00% Quakbot
2023-05-18Agzbvkdf.jsjs aa49eea2c5b828df4f85742d3d76bc365ee6c18721795dfe567bd8be0b360d61Virustotal results 28.81% Quakbot
2023-05-18Erhw.jsjs 43f0a123b00abe19f1412b6fff2944e5bf4436a2ba20e3493ba9708ee5088c8bVirustotal results 24.14% Quakbot
2023-05-18Wkvkx.jsjs 32805d4a1cf5298234803410351824aacdf3ae591f390289a3ae325ad6e77e1en/a Quakbot
2023-05-18Jtvswral.jsjs eecafdba553631375cb34761f4cf33cae100547238141bd641f76c3cb87700f7Virustotal results 28.81% 
2023-05-17Jhyjfloh.jsjs 229271acfd7face73c4919f8ae74ec7e9e3d276810827e045c7ee12baf2e75bfVirustotal results 30.51% 
2023-05-17Qhivyrrl.jsjs 67ff580532af15d6457fe1b6aa59886c46bd5c72906c86b58aae1e7aab70fa3dVirustotal results 25.42% Quakbot
2023-05-17Eybeu.jsjs b9a4b8691e7de63f6af1a61319d16827e3308ff248981ca1c9d815fee2a1b93bVirustotal results 32.20% Quakbot
2023-05-17Jzeojyuj.jsjs 31bfb0e9f32a6891aa3b4bb9c1caeefec664295de95b74eccecf9eb67a2b84cbn/a Quakbot
2023-05-17Xinw.jsjs 36fa7b7d4e7fc7c9366c2fa6533c47fd96cdc2d9a6f2c3a9025fc4271c5d4c18Virustotal results 24.14% Quakbot
2023-05-17Mqravye.jsjs 246f0936618439433071e920bc87c631f7506091006fb43ae80612f430c0846aVirustotal results 26.32% 
2023-05-17Uldl.jsjs 7b501e67649c8608b6333e95e174a2d3db77d745651cf4142c43e79b0e1ed927n/a 
2023-05-17Dknox.jsjs 55de6657c16f6c71d27bc0cb38580d689241943b653c659ae89fd4b63fdc279dn/a Quakbot
2023-05-17Wacnsg.jsjs 3eb67e59551a7c9cb4798a28e80c0cb6c6a72b09335457919c886af5ab1a7bdfn/a Quakbot
2023-05-17Orgtwics.jsjs 936db662bf609efd4df0012dad033ab0608798ac87f2f771c6b1b123a9af701cn/a 
2023-05-17Trmtdtst.jsjs 1d5d72cfb4ad625900eb8bed4942b9ae14f2f5193132ee8ad4386cc2cfa494b8n/a Quakbot
2023-05-17Fvda.jsjs 79303bf3c0e92f9380c56ce68c951130ce022947e1b977a2691c2bfcb637c398n/a Quakbot
2023-05-17Zjbr.jsjs c2dd854c1929865220059f2ecdb52c6bde926b2f6f631d049ed1c4dd5a660e94n/a Quakbot
2023-05-17Layzogv.jsjs 741456383ab61aea2d957500e192b77152f4814710ff264688abefe265174213n/a Quakbot
2023-05-17Nvaubox.jsjs f019d6b9666cc1959e7cbfed2e0ea01b1f8a817a80a3f67afe58994a58a2c534n/a Quakbot
2023-05-16Onkio.jsjs 96e24fe980e74dc4f9b7392770593934e48756d6fb159c2faaf1559151b7d459n/a Quakbot
2023-05-16Ypwwel.jsjs a2418e10e8da44a95d36b445fc5eaec2f8fcbb53dd260d4bee7b10b302addefen/a Quakbot
2023-05-16Ycpddikr.jsjs 5948c94ac2b5263bde227579bebe177da9426ff9487a58c75007bcc76f1a22c9n/a Quakbot
2023-05-16Gxwpls.jsjs 9436ea19597c8f9813ab65ddb6f372763c36eb6a176dca577a03a1253c1699cbn/a Quakbot
2023-05-16Myjg.jsjs ef54cba72a7748c0492293f522240f2fd0aff943fd7bf2291bd18c6eba407e54n/a Quakbot
2023-05-16Yytddk.jsjs 4c7816019aebcf19e2d4d722f05a2304c28f6d89ceb8fa592efe08a082581607n/a 
2023-05-16Obdrpvmu.jsjs f777486076ffc3dba2a39f821f6ea93b8546d768edada592ecb5f8e3dabbd49en/a Quakbot