URLhaus Database

You are currently viewing the URLhaus database entry for https://strategycandle.com/nmeo/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634222
URL: https://strategycandle.com/nmeo/?1
URL Status:Offline
Host: strategycandle.com
Date added:2023-05-16 13:42:21 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100116554 created on 2023-05-16 13:43:10 UTC)
Takedown time:2 days, 8 hours, 49 minutes Poor (down since 2023-05-18 22:32:36 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Bvjf.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Iihpzds.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Axneclqf.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Cswdd.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Uqzy.jsjs f6d127fa14835ecd427e6989f06b137fbbd8cd57a0887d2a4f163f8b6c4af9fdn/a 
2023-05-18Zilbo.jsjs 93be05e8c37282bca34649a25ba07962fb7da33e5799c01e05c15cc3b72589ecn/a Quakbot
2023-05-18Nsckzsn.jsjs 2312d94387e675afd3db56f1fd5419a3a083bea7bc690341fa3d49d3e3f69f53Virustotal results 27.12% Quakbot
2023-05-18Jmqn.jsjs 42d74e9be0d442e0bbebc6134157922913abc72510b235bfa67b53092757a2f4Virustotal results 30.51% Quakbot
2023-05-18Jpfj.jsjs 1d57c903d9a9f7a6aafe34d3d44ced534b1878b64b93029c391c25c05c708094Virustotal results 24.14% Quakbot
2023-05-18Eafjsco.jsjs fd0ca1aeb929c31a64a1ec9c5027c0c2c644161a6fe7faacf6ea8ec30ca8806an/a Quakbot
2023-05-18Ypyjwtx.jsjs 8f5bae7c3310650dc125b9223695f4a40a6d1394f6f6f9dff466a3e53099ba7en/a Quakbot
2023-05-18Vamujbbg.jsjs 2a38d5dd759f5e13e433429b8fbed42e9b1fa7de9f671bf87d0739862847c16aVirustotal results 26.67%Quakbot
2023-05-18Dncgaonk.jsjs b7aee295279db7ddc9a5aaf2c89b1395f0a2c3ad92cabddcb41b024dbeff9c64Virustotal results 18.64% Quakbot
2023-05-17Aregci.jsjs a357a8a9b62674cff6660b76659f4cd36ccd979d44937371bde57235d81c392en/a Quakbot
2023-05-17Pzscj.jsjs 119865e21bd0f564ac17f9e36940d9360139b87392fa02dce3483f1a789ab4abVirustotal results 24.14% Quakbot
2023-05-17Pkxko.jsjs a4633a3bade267edfd4e6171fb238320ca7b8fc6ce56403954409c8af38c4ca5Virustotal results 27.12% 
2023-05-17Qvlvts.jsjs becfbdbbd5a9cfbb918940eafdd8f586133d77eb11bfc5dac1f96e7787abfd65Virustotal results 22.81% Quakbot
2023-05-17Znfc.jsjs cee11dd3e06833ff80c75ab19feaefb05e62b347d9ed97e9ecb8f4ac5a889f95n/a Quakbot
2023-05-17Ytjrm.jsjs 0b38200ce89d27eea5fb23346b4015cb585d0af5fd4f176a7c9bdb20ae369a4eVirustotal results 25.42% Quakbot
2023-05-17Enhjtpo.jsjs c2c29ea19d16a1a70e365c2161d223994c0610958fe527bfcb605ed47c4a4d44n/a Quakbot
2023-05-17Vgpg.jsjs ba4eb74cda0088a1269ede2dd12d974109f7b392ff522322070233d302cb3d01n/a Quakbot
2023-05-17Gibqxudi.jsjs 7001d12f0aff0c6712230ed17f0fa70b2b0f2f7f58554663f28e687b643386efn/a Quakbot
2023-05-17Cychhc.jsjs d43f96dac125a7e7a221ef5b494c8dbfd9888caaf704d7265d6a6443f9626c5cn/a Quakbot
2023-05-17Kdgiebok.jsjs 7077268371e40385bc6cf9bf7105b845e89bfe87e694771027070f9deee7dd41n/a Quakbot
2023-05-17Ivhtsq.jsjs fa7d6648bf3891e933e618268b30cd85ae83c57e4e71b2527c34fc29007e64een/a Quakbot
2023-05-17Wycjaw.jsjs 7d6d5be263b7f09887428b7dafbbfc4c416f2379dd62332b9f5dc87a360e1a46n/a Quakbot
2023-05-17Yzpuf.jsjs 6e6937d09da6883cee31a5623099e57dd86ba58990ac0c73e84ca81f9e1da7d4n/a Quakbot
2023-05-16Vqwrfvau.jsjs 0443dbcf2b983509b06d86ee242a141d4a1ef698c68b854a676cfd5544cf1791n/a Quakbot
2023-05-16Kmiw.jsjs 2a61d949144b82019914554d7682662a1e12ea6f7428d5f4eb1b3db9efb99c38n/a Quakbot
2023-05-16Jflbgsyr.jsjs 89d31a80551a1a98ace9df97260e88b0a35c48d0dad84f75ad0bae920d2f79efn/a Quakbot
2023-05-16Gqace.jsjs 67db64de7d5da5448d470fadf99e61f196f8dd77ec95249a798c76ce8b12008en/a 
2023-05-16Eacwqk.jsjs 77e7cd10831c033da66b7d5bedd6f997d76d9b272ec08c863472877c1fde5d32n/a Quakbot
2023-05-16Ajodp.jsjs 00927f483ee85b3da4d64bf54c02026ed04c2d75883d07ea9994619911c58ad0n/a Quakbot
2023-05-16Wefawly.jsjs 50fcf618431878b0d01ca7196002559751817dea067f5dbbc5c920b16ecc2095n/a 
2023-05-16Rydntnlg.jsjs 789f4298cffc53d52be8c8e587a44cbd4bf46e542b7755d2f72eeb4be2f0380en/a Quakbot