URLhaus Database

You are currently viewing the URLhaus database entry for https://lesdeuxpalmiers.com/qu/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634144
URL: https://lesdeuxpalmiers.com/qu/?1
URL Status: Offline
Host: lesdeuxpalmiers.com
Date added: 2023-05-16 13:42:09 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 13:43:45 UTC to abuse{at}godaddy[dot]com)
Takedown time: 2 days, 7 hours, 48 minutes, Poor (down since 2023-05-18 21:31:52 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
