URLhaus Database

You are currently viewing the URLhaus database entry for https://3roodq8.com/ev/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2634427
URL: https://3roodq8.com/ev/?1
URL Status: Offline
Host: 3roodq8.com
Date added: 2023-05-16 19:07:08 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 19:08:18 UTC to abuse{at}amazonaws[dot]com)
Takedown time: 2 days, 2 hours, 29 minutes (Poor; down since 2023-05-18 21:37:20 UTC)
Tags: BB28, geofenced, GuLoader, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
