URLhaus Database

You are currently viewing the URLhaus database entry for https://cimbracapital.com/eesd/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634202
URL: https://cimbracapital.com/eesd/?1
URL Status: Offline
Host: cimbracapital.com
Date added: 2023-05-16 13:42:18 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU100116551 created on 2023-05-16 13:43:07 UTC)
Takedown time: 2 days, 7 hours, 20 minutes (Poor; down since 2023-05-18 21:03:44 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
