URLhaus Database

You are currently viewing the URLhaus database entry for https://batamtrading.com/cmgf/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2634444
URL: https://batamtrading.com/cmgf/?1
URL Status: Offline
Host: batamtrading.com
Date added: 2023-05-16 19:08:12 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 19:09:12 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 2 days, 2 hours, 4 minutes, Poor (down since 2023-05-18 21:13:29 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
