URLhaus Database

You are currently viewing the URLhaus database entry for https://amazonbirding.com/nmoo/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634051
URL: https://amazonbirding.com/nmoo/?1
URL Status: Offline
Host: amazonbirding.com
Date added: 2023-05-16 13:15:07 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 13:18:42 UTC to abuse{at}bluehost[dot]com)
Takedown time: 2 days, 7 hours, 55 minutes (rated Poor; down since 2023-05-18 21:14:31 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
