URLhaus Database

You are currently viewing the URLhaus database entry for https://sirinatureroost.com/rloq/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634170
URL: https://sirinatureroost.com/rloq/?1
URL Status: Offline
Host: sirinatureroost.com
Date added: 2023-05-16 13:42:13 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU100116549 created on 2023-05-16 13:43:04 UTC)
Takedown time: 2 days, 7 hours, 18 minutes (Poor; down since 2023-05-18 21:01:10 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
