URLhaus Database

You are currently viewing the URLhaus database entry for https://onlinesattabazar.com/atee/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634300
URL: https://onlinesattabazar.com/atee/?1
URL Status:Offline
Host: onlinesattabazar.com
Date added:2023-05-16 13:42:35 UTC
Last online:2023-05-17 10:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 15:50:10 UTC to abuse{at}cloudflare[dot]com)
Takedown time:2 days, 9 hours, 10 minutes Poor (down since 2023-05-18 22:53:53 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Lwtdk.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Dzic.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Bdmzof.jsjs ace819f2df1279100b7821ef69b6074854d5565a082b95d142eedc946bb4af70n/a 
2023-05-18Oqjgsj.jsjs c7f9d6c56a28ecc44744a1c617778af39179d5869bca0ccd518016eae401078en/a Quakbot
2023-05-18Nwnlh.jsjs d5e6e30f18f2d0670de3202c27c125583667cb6be60aee992f59e72d23eed864Virustotal results 30.51% Quakbot
2023-05-18Cneq.jsjs 91bf97c2e5d25bf79ff22ef99cccd3bdb7aab412d34521e172610b16562203d8n/a Quakbot
2023-05-18Uftwnna.jsjs 33e5253fc3841fb30d4467ba7144f20b94bfb5714befb85aa32837899b33859bVirustotal results 27.12% Quakbot
2023-05-18Fkyaiqvt.jsjs 8116e7914df0a4fae9adad12da668660206754557fac016131c53fcd305d537fVirustotal results 32.69% Quakbot
2023-05-18Hpct.jsjs 0c72f8db70d3f144ec7cb21515e337377b9aa689dad88dfbf1720634c8b70453Virustotal results 30.51% Quakbot
2023-05-18Yljr.jsjs c6712a15900f7986ac9ad350dec34f50284b50e708bdeb42e320d99659f8d46fn/a Quakbot
2023-05-18Shxxlggt.jsjs a0c936769d05f511e808dc9d178d44c1b60779ae7ad0e7424e520b2e75ce335cn/a Quakbot
2023-05-17Ijniv.jsjs a2fee1f921c59d61590ed86bdd9e19a12b68d9722d228d0e5bef678bd31d461bVirustotal results 30.36% Quakbot
2023-05-17Hatoljte.jsjs 45a695a6696ee2284f34ef03f76d7192a3829a64f1ae5f5216bfd36983231680Virustotal results 26.67% Quakbot
2023-05-17Fdmcxy.jsjs 106ea6e9df2db6267999fa9df4ae5950c1be2de07cbb773cd739bfaa29a806d4n/a Quakbot
2023-05-17Hohykv.jsjs 16e669d4d5391d00940846a4f52891c84d175cd3dabd4f776ef0b2b352c4f2c2n/a Quakbot
2023-05-17Lnin.jsjs 456c54257858cdc9347b6b71444659a256ae3a000dc1c82298d0fc65ba890687n/a Quakbot
2023-05-17Tadge.jsjs cd8a39cd43a8cbb2e0c04b201b7df230226fe2dd696ab5c20c9ecbb16cc723f3n/a Quakbot
2023-05-17Nboum.jsjs fecdae98fff4b89aadb8c35ded8061bdaa126fc12f3fd482cbcecd53246c1c0an/a Quakbot
2023-05-17Ivpsndo.jsjs c22b66c0508392990ab94f573ba59b6313b04e58ee121ad596bca03710ef4dd5n/a Quakbot
2023-05-17Wkfwi.jsjs 42f186bb85bd5a31e03a33f8370696b5a78d7690d54b5f53d9f95c89a47a7922n/a Quakbot
2023-05-17Cpqncdhe.jsjs e2e560a861de91330586cbcaf290794f2096b670f51defcc850caecd3771bcb4n/a Quakbot
2023-05-17Oxpv.jsjs e48cfdc0ca6cc3e906b5b8ed851c12b6fd17e8ba9eae6a710893eafba1c6dd9fn/a Quakbot
2023-05-17Cfnntr.jsjs 5336ab069529b27c8d58172c5e9dfec13538b2b7898bb9e785d316c330ffa4c1n/a Quakbot
2023-05-16Cbwgvvln.jsjs ce2aac84611423fd40afb45b950a0eaa82e81466efca65e3bc9bb7817d7d3097n/a Quakbot
2023-05-16Ambpua.jsjs f075f5f021fa176c024dfb00fa20be5e937f75e96ce383ad00bcb9a9ceb4d574n/a 
2023-05-16Bqroxoox.jsjs 238270bdbc6eeb5bcb2f117b1ce0dde224b08383b57a8afc6d1ab7d0f2679e37n/a Quakbot
2023-05-16Etunwwjf.jsjs 034ac995e1406b01ca34f4243c051298499179c85466e851879e45b007987091n/a Quakbot
2023-05-16Isqe.jsjs bed60456c1f6b2fd0bcef665ec82b6cf0fe3f4a013453842142a2a4e82935ef7n/a Quakbot
2023-05-16Pxoel.jsjs f0b773dad7ab590b539691f9b1a80829f8c5e8d1aa83acdd1c249a1bac53d00fn/a Quakbot
2023-05-16Urakvpm.jsjs 877a6caaf95b3b60a3114f07a8755f9d24d46721db3f717aff7ebffecd590217n/a Quakbot
2023-05-16Lwomqnl.jsjs f6cddc26f0002ade115007659213120bd815f80d515795b5665b5c1cb538ded1n/a