URLhaus Database

You are currently viewing the URLhaus database entry for https://bemarvelous.org/roer/?1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634245
URL: https://bemarvelous.org/roer/?1
URL Status: Offline
Host: bemarvelous.org
Date added: 2023-05-16 13:42:25 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 13:45:14 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 2 days, 7 hours, 19 minutes (Poor; down since 2023-05-18 21:05:06 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
