URLhaus Database

You are currently viewing the URLhaus database entry for https://troovsy.com/cui/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634250
URL: https://troovsy.com/cui/?1
URL Status: Offline
Host: troovsy.com
Date added: 2023-05-16 13:42:27 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 13:45:18 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 2 days, 7 hours, 53 minutes, Poor (down since 2023-05-18 21:39:08 UTC)
Tags: BB28, geofenced, GuLoader, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
