URLhaus Database

You are currently viewing the URLhaus database entry for https://tourguidescambodia.com/ie/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634229
URL: https://tourguidescambodia.com/ie/?1
URL Status: Offline
Host: tourguidescambodia.com
Date added: 2023-05-16 13:42:22 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU100116556 created on 2023-05-16 13:43:12 UTC)
Takedown time: 2 days, 7 hours, 17 minutes (Poor; down since 2023-05-18 21:00:15 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
