URLhaus Database

You are currently viewing the URLhaus database entry for https://shbdistribution.com/bif/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634277
URL: https://shbdistribution.com/bif/?1
URL Status:Offline
Host: shbdistribution.com
Date added:2023-05-16 13:42:31 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:45:43 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 8 hours, 46 minutes Poor (down since 2023-05-18 22:32:06 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Movfo.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Fmoppadf.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Exptqctr.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Tgmhajk.jsjs 828ab9b198ace6540bab66d12bff28bf5b11bb1258df06ae467240d2ff175f1bVirustotal results 24.56% 
2023-05-18Kmyytz.jsjs bc100a785f531874618920cd99c357dfc32c33cd59fc6b19856a94b41ca3f07fVirustotal results 32.20% 
2023-05-18Pwskybnv.jsjs f463f7a1eabfcde6cac3157449992b10b752021a61c46392c383c0949c81a709n/a Quakbot
2023-05-18Iyvzzhk.jsjs c1058b3e90189dda6f009ff9980c9a284c196414c7682ef914862f8964b9950dVirustotal results 31.03% Quakbot
2023-05-18Ahyngsc.jsjs a0220d487566d1243b11c30ea5d37349418d84e8f6eb6013e0792aa4b11236c6n/a Quakbot
2023-05-18Ijtikv.jsjs 759b7245c8f5cd0c5db7853442c740696c4a66caf8aae6a281b32f063f6c660an/a Quakbot
2023-05-18Tnsjvf.jsjs 6da5adb44a26381ff077fb8a45c8d20a4888393b3fd5733d6fc8ac4519809c94Virustotal results 25.00% Quakbot
2023-05-18Eofg.jsjs 5155a314d6e44ed6eb4d65e80d368d8bcd4e8674e293bce8d712b03395d22f6fVirustotal results 11.86% Quakbot
2023-05-18Qdckhrag.jsjs 340674eac99b309a0a10a07f5d961e87788e88c4cc2f218da6cd61ccb196deecVirustotal results 11.86% Quakbot
2023-05-17Zbyiwsxk.jsjs eac6096d9525ff200431210339d6a028b68233173ae11df47f57222dc631697dVirustotal results 35.59% Quakbot
2023-05-17Uusovl.jsjs 3b521273a1f49f0fb7c2f4ea15df405e5c77af2e36c653ca0e352ada89db0c6bVirustotal results 27.12% 
2023-05-17Qjzqiko.jsjs 3c39de1cdb595f8d1822395bd3cf9c81743a1b303cf7188cf41f49bf8c0005c7Virustotal results 31.03% Quakbot
2023-05-17Tqkwjar.jsjs 399c7eece18438ba4f325cfc3863d0603d1237732a310fa2124a136ff2a335afn/a Quakbot
2023-05-17Eezrisbs.jsjs e98ab08e4897807987344800297aa41a72fc207a57b0e89510243b3b8ad0e144n/a Quakbot
2023-05-17Wkujhd.jsjs 7a1083b3edcdb5d47bf9938417f339c556c4737e9886bb9cd51ce8eceb3dc5dcn/a Quakbot
2023-05-17Taaauwyx.jsjs cac584e2ff62f01ca51db682d0b6d32ff11123c3bc3b6a5e9794606ad51844fcn/a Quakbot
2023-05-17Kbyguqqk.jsjs aa64aef61f503d5d367e7c76bdaf6c28be7aa66d98f681c81feae8a2d7e5d3d6n/a Quakbot
2023-05-17Wsrxpjrs.jsjs 776707f7f18c33e86ee2b3046380e180253c785dc4448dbb29a744dc505b605dn/a Quakbot
2023-05-17Icyxqo.jsjs 0c75ba2f176c0473bec6cf00375e1751eaac0edf89119f7364059db4e51aadfdn/a Quakbot
2023-05-17Evgaty.jsjs 8f7ad998ed90325fd7919cf37e3061f4e160b74be05d14407fb9465f388d23e3n/a Quakbot
2023-05-17Hxld.jsjs 5b44abd7aea3c0c33cf064a6bcec770fcc240ff3712246acb546289eb50fa620n/a Quakbot
2023-05-17Botsyx.jsjs 9c1dd1d2cca255e819b0508645e3fe4b4d6f39754a8cd94b5b3e647a335f188en/a Quakbot
2023-05-16Rznmy.jsjs f30b07b3f4baa52185e7b910ad2869b4b5b9e6e48248119f96bdc1fab7376bc5n/a Quakbot
2023-05-16Zeqlomy.jsjs 706752a579b785be2555d6be76804c142c7755ae671dc2ad825dca9fda312aa4n/a Quakbot
2023-05-16Qpnakedc.jsjs d7806a3e6a8759e0dd6f8b00f2fa5a304d239f3ccc9759103be1bdd238f9eb74n/a Quakbot
2023-05-16Eziky.jsjs 826f89458f039e2bb5f34da55b4832c80d5f7597c20e234234d6b9f340dbc451n/a Quakbot
2023-05-16Ivzpa.jsjs 279bd1eac8316aa10b29b35f8435437f2d53606d3a8870ad2bf3fa3ca1743a1bn/a Quakbot
2023-05-16Obowcb.jsjs 189b1dabe3e115b550e608853b8c816803fd151f1729159f3fdeb83610deb4b1n/a Quakbot
2023-05-16Raiyk.jsjs 26788fbe6bf8661d0da605c486902e51d258b69b5aedd0b0ea83aff560a69ea4n/a 
2023-05-16Chqoyju.jsjs 3b1f5ce370a948ee3e466a13577fde4784734afe13558f3914777141e782c8c4n/a Quakbot