URLhaus Database

You are currently viewing the URLhaus database entry for https://sephari.de/sle/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634168
URL: https://sephari.de/sle/?1
URL Status:Offline
Host: sephari.de
Date added:2023-05-16 13:42:13 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:44:05 UTC to abuse{at}godaddy[dot]com)
Takedown time:2 days, 7 hours, 52 minutes Poor (down since 2023-05-18 21:36:19 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Rzgkz.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Xybi.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Onnujbac.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Spttse.jsjs 01f0f7d173f697e3223aa9417344ff357446f526bdc33089363152642ae6e363n/a 
2023-05-18Bltgdy.jsjs 2ffe30857db286ab5839fb47499480fff446371b3c1f8df2d8dde6853266f088n/a Quakbot
2023-05-18Zxsq.jsjs f6d73eed4ee4cb252294f53568ea49c055a4a65267b79e8491ace852655d5575Virustotal results 27.59% Quakbot
2023-05-18Hnfezy.jsjs a0c936769d05f511e808dc9d178d44c1b60779ae7ad0e7424e520b2e75ce335cn/a Quakbot
2023-05-18Aahnfef.jsjs 971bd37b998eb4ec97738fb7c5f921bcf1fe5ca6625167693aff2cb06a748e7bVirustotal results 27.59% Quakbot
2023-05-18Dpqf.jsjs 4fc44d998f2dd5c9dd8a2b1113af13a124201f3cd8b1f55511976b52294ef5e7Virustotal results 23.73% Quakbot
2023-05-18Xllj.jsjs e4ec32150d6e87a71d76e7b2f71274e3ac9a2b263e4fec937fbcf4b766731192n/a Quakbot
2023-05-18Zemgm.jsjs cbc57ebccb343515692b47782246ac3ce19ae8ae335ddc9895810261d11cb663Virustotal results 16.95% Quakbot
2023-05-18Dyuiz.jsjs 029b6f2d9cfb0a2a335c9b9377c1dac9e71206e55f6f82c7d3c0e2edceb9b734n/a 
2023-05-17Vqfwbfmv.jsjs 88f6a8cb20802cddd090c331d20f9642aed6deeda17214154bc2017f911d61c3Virustotal results 21.15% Quakbot
2023-05-17Aoeifzpq.jsjs 900d17d88446041eb9505545c8b6d8990d865e23d54f5e82f92384a8cf3d87d7Virustotal results 27.12% Quakbot
2023-05-17Ndud.jsjs ba77ea0ae3afe4582d390d1930a3792bde2ba411df7e3c05ae156306c5cd46e4n/a Quakbot
2023-05-17Guxx.jsjs 6da5adb44a26381ff077fb8a45c8d20a4888393b3fd5733d6fc8ac4519809c94Virustotal results 25.00% Quakbot
2023-05-17Byeigzz.jsjs dc0d873178c61dae13dac14d65611d4716e9c28ebfa216e32126dbdd1ac971ben/a Quakbot
2023-05-17Tqeg.jsjs 0af9a445f31e51c20a58fad5f35d353da59c49e684bf1db02c436c4d7f7f18a6Virustotal results 27.59% Quakbot
2023-05-17Sblj.jsjs 0651c77d8fadac8f6e3798ca1534ef6af11482867d22cfb20df41d868c3cc727n/a 
2023-05-17Eqiwbre.jsjs a0220d487566d1243b11c30ea5d37349418d84e8f6eb6013e0792aa4b11236c6n/a Quakbot
2023-05-17Bfbyqtm.jsjs b02c8d805cac7c8b9068d90e1c3ad2cac394205ddba86d87dcef2488dd2801c0n/a Quakbot
2023-05-17Jwozml.jsjs b7ff49ab1d7becc64285def51674753a9f6e41e66cff70c38c8848818394b807n/a Quakbot
2023-05-17Gigfbqpo.jsjs 57f0bc0bcf2715a940917940ddb3e5407f0e63d68c9be88b9e9d0847f708b6ddn/a Quakbot
2023-05-17Tqwshf.jsjs 0b9b59c74a8667ce550aedf7e2881931deda820fc318be8d002784757cdb21e3n/a Quakbot
2023-05-17Yaiwlfs.jsjs 42e449db0338f55c73390664c6ef9daaf606098aa972b8275a9cf7cf8ea488e0n/a Quakbot
2023-05-17Zhsoow.jsjs b38c1e78b2ba9c1084e889e29ece5d20695189b09ad6cff2cdb6b82b1919e197n/a 
2023-05-17Fuhrdasn.jsjs 6adde60d214d3fe3ca27d4ea33c673297f8f2ccba6d80aec69cce63e48d55fa9n/a Quakbot
2023-05-17Pdlglef.jsjs 09f90ba5f1f133e270aa8f998898085d69a1b5301ac3cbab9f9d9f1fa0cb8493n/a Quakbot
2023-05-16Bpmm.jsjs 6744bb77efcc038d4641e65f9e76f31b75344fa723d1ca2e22abb723694c12can/a 
2023-05-16Hwncop.jsjs 9470348f78d4c1300cd6bf6d9a222de85547dba13dbb9c20307bc1063cde92b0n/a Quakbot
2023-05-16Potzy.jsjs 53d1b8488cafbaa5ef471b5fb2799cf2334a09f42a6d3df8548a0035090b6584n/a 
2023-05-16Vmuvq.jsjs d2e19ef0942b98b16e0563a2dc08a5ee9bdc15645e4538e4090fca1f338f1e6cn/a 
2023-05-16Lmss.jsjs 277f79fae69b69879ecb214b3e8ca176c1c81b3f21dcc1a79d449ee012a3d1b0n/a Quakbot
2023-05-16Vvrex.jsjs d1492c9eeeed1d8b8bfc3bcf8bde1cca2a56b81673ddfe434b9f7036bfd054bdn/a