URLhaus Database

You are currently viewing the URLhaus database entry for https://nomadecartomancia.com/tlv/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634190
URL: https://nomadecartomancia.com/tlv/?1
URL Status:Offline
Host: nomadecartomancia.com
Date added:2023-05-16 13:42:16 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:44:28 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:2 days, 7 hours, 21 minutes Poor (down since 2023-05-18 21:05:41 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Wavh.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Gvbbw.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Picpwjo.jsjs dca40ac9298a6376a017742d471a76ae41b887c025506aff8cf07e4bf5239093n/a 
2023-05-18Czfnxo.jsjs 59eafea575993fa2b9b1a5a60ec2852f5cbda6491cc6c163e79d91e7fc9b1d7eVirustotal results 30.51% Quakbot
2023-05-18Dkiytio.jsjs c3b7288bc652fda94fb09ac95870f66d2e355b6637b09d5c9fd1b7d64d660a52Virustotal results 25.86% 
2023-05-18Qgnxhb.jsjs 4de2124d922958dc3b36346c1906578b79f12a6388ef771a7f8503c21e30af78n/a Quakbot
2023-05-18Bzfgt.jsjs 82cd8d7b9c35490bb2685891e16cfd099b8290ad60d557532fe6ffcdc79b6b88Virustotal results 27.12% Quakbot
2023-05-18Lprva.jsjs 6b01b5522683c655f6e33fc4ecfa2ef55bae886a543ba306b61dd976a892fe96n/a 
2023-05-18Xmfoz.jsjs c97e0d75191c3cd583de9edf9cef56be0b4b4bb3e072a64e3fd6133eef6ea96dVirustotal results 25.86% Quakbot
2023-05-18Tiudb.jsjs 6f741f3bd19d3433e0618cd31b85f73aa09fb1dfe670c9e5a8e0ec01cf274495n/a Quakbot
2023-05-18Yzqftlon.jsjs 2e6fa76c0870d4318d71a8defd95759f831cb88397931327f00478d853bc9525n/a Quakbot
2023-05-17Rojhcgif.jsjs 992ec3c1bccb3793a6ae36e909056122ef9e442c16c17bcf9d771c90b85ee980Virustotal results 22.00% Quakbot
2023-05-17Dyrjeb.jsjs 3dfefc0e91ce9c601581448bcc12aa145f0ae317f0c3bf6cd09b4605cf679ce0Virustotal results 25.45% 
2023-05-17Giblpvy.jsjs ceb8cce48cb241bf1dbcb587ed7d6d8d4c9fdeb5f87bea993602228464eaf9a5Virustotal results 11.86% Quakbot
2023-05-17Nsep.jsjs fab89deda2e8de1afcdf4d43b713652dab42ebcad6b4eddcd3b225188a7e3078n/a Quakbot
2023-05-17Brogd.jsjs cfc68b43d74cf7d5fd05920f53d7e80393899308fd60fbcd60c8582770294bc1n/a Quakbot
2023-05-17Awjz.jsjs 0b26bdb33f82264e6ee139e028f16f756cf3c276a5c8fdc923aa5d5e2e385872Virustotal results 24.14% Quakbot
2023-05-17Cghdihu.jsjs 817e3087dd09d826cc20a0381d67784b264c51a854134ac760b9219f49d58f0dn/a 
2023-05-17Kguigz.jsjs 27145bfe9d31829a17e3a3c7a0eb03890f51536c2ad2780cc3afe168a324e087n/a Quakbot
2023-05-17Ownbwwsy.jsjs 0e2c4876d0b0615dc6f3b8ca7bc2f23c9d4615b7e45864cbafe0c3f6229999e7n/a Quakbot
2023-05-17Eebe.jsjs dd3ca8a837e92c7f017a457422f7481c5257ed8b9c55f8304b56cc0d69b9e509n/a 
2023-05-17Ohvohnqq.jsjs 5079859140169fe61a0cd0878e1ca9e1825e7f46c3ae9618f51bb9668f78b255n/a Quakbot
2023-05-17Vyizsupa.jsjs 8179233dd08cde68df757f39664737e3e25a69c92af277d1549d5ec09b81b6c1n/a Quakbot
2023-05-17Apkk.jsjs 151e2b38f89b3eb29bcbaed188abe42b41809eb70f9a26e728a570ad1acb7aa2n/a 
2023-05-17Wsslh.jsjs b988247920752a4894fed23dbdffc0ed661c300136226dfdc69211655887c09en/a Quakbot
2023-05-17Kxfgqmfe.jsjs e3fc4c6758fdc145607326b28e3a4ad97abf329099542b02c41e98f94ce0c8edn/a Quakbot
2023-05-16Dckzzkt.jsjs ef67e7a67cbdf44a43fb5d9b5714f0087fc2db4eae8fbe8c237baac639c6e2e6n/a Quakbot
2023-05-16Yoit.jsjs a6e3041bc2600b508636a980b1e587a38dc98f2b7bded142d913aaa042dee864n/a 
2023-05-16Wtayantf.jsjs becc6e887ce939461129affa4d9e01c48244e2cc175524f17ae5c17b38d488ddn/a Quakbot
2023-05-16Fzmual.jsjs c1f8f0d419941c1ec88b56663e76191788e45e15da18fc5480794c5076f7ac3fn/a Quakbot
2023-05-16Lbxn.jsjs 901ae1ed6457a41d330dc4d22c84cbbc3c2395a25d01d9fc18ac19858e707ff7n/a Quakbot
2023-05-16Ztowqsp.jsjs a67a9a8c7fab1bcfeed50dd72e59bf80e2cb500060970cd34a62637dbe022d92n/a Quakbot