URLhaus Database

You are currently viewing the URLhaus database entry for https://almarfh.net/ute/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634447
URL: https://almarfh.net/ute/?1
URL Status:Offline
Host: almarfh.net
Date added:2023-05-16 19:08:13 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:09:16 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 1 hours, 51 minutes Poor (down since 2023-05-18 21:00:34 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Tmnajru.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Eemak.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Awkkoe.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Zzndenme.jsjs b127aaba3bc3e8f0636ce18136f4f6f33d4609c6cb446a25f17650e7bbcf3c22n/a 
2023-05-18Ofduvjj.jsjs 82cd8d7b9c35490bb2685891e16cfd099b8290ad60d557532fe6ffcdc79b6b88Virustotal results 27.12% Quakbot
2023-05-18Pdid.jsjs 0778e11b34038a33e15f6d85dc45a87e23d2ac68fbb8e3d9c914b1edf5987187Virustotal results 26.67% Quakbot
2023-05-18Eozgeci.jsjs fc35a5a51f420de2456b7dcb8c59dfcfc4a5a995abb8201286aa81cd0c391508n/a Quakbot
2023-05-18Qwzruz.jsjs 4aa5f66645ca2168af894232b630df6e88077c51f4fa33cbe2efd094e057fd02n/a 
2023-05-18Wcmwgl.jsjs e2cd2a44ac9c613f289c14a9d30244223f9949818db49dc69c73a5efc442a948Virustotal results 28.57% Quakbot
2023-05-18Fayzxv.jsjs b5e43b4ccd0107bcf4e8ce081135f2adb345ba3df9a4df5637d3cd9e08b43ba8Virustotal results 21.15% Quakbot
2023-05-18Gvewtphr.jsjs 9fc93269f064d50db15333e3dbcf15dccb35094dc51bedfc465ba99ce6a37953n/a Quakbot
2023-05-18Qfnknkh.jsjs b89d6433da85e8b53b60dd8f31aa096c923d9b4fb337c03d3b381482ef280974n/a Quakbot
2023-05-17Imnqy.jsjs 67c42e2dba1a888a502921f8497455eea4965e6a313718853b1782317b27c950n/a Quakbot
2023-05-17Lrxltb.jsjs 7b0e64b5b88495d402a11b16ad7776cc5e0d44a07992e8b9cf9c7006a92ac8bcn/a Quakbot
2023-05-17Sxgnwmj.jsjs 47838303934003e958511bf93e4b40816c144d7ddb6c99ad7cdda7145ee5dcf8Virustotal results 24.14% Quakbot
2023-05-17Lbewxp.jsjs d1a92330c8f58a18b81d7ff1a9ea348b205fda7b106c31a2d1e09764a4557fa0n/a Quakbot
2023-05-17Zolwcgu.jsjs 9b45c4614db7627fee14ec88aef1faf7e97115a9755ad170998bf331df8c2b0dVirustotal results 27.12% Quakbot
2023-05-17Ypkmk.jsjs 683503e1ee6accf36b4e270156fa48982aeb9619157f07c35c1dbbfeb8a43e7dn/a Quakbot
2023-05-17Jokmoxg.jsjs a70e07343087b1341505ab67207e4f4d1170a7ae25f9b7c90ca2eab5663e3db9n/a Quakbot
2023-05-17Gcrqtkay.jsjs d922a92fe76bb50cc13bea84f55dc2c51fa146b9492ff38d7d4dbfafd1e0b0e9n/a Quakbot
2023-05-17Tzjqeq.jsjs c89eff3eece5c95efa1c5b152491ce86764644d65dbc0a0bedebab40f8a9bc6en/a Quakbot
2023-05-17Zthyw.jsjs 7464853ce17a827e34c040232d7d4a2ef9d7b47794d40aec3ce5c6f9823033d8n/a Quakbot
2023-05-17Dkto.jsjs 9bc594c3c01fe1e6a08bbdd14647f27148034454c7955d6ea9b176586266ab36n/a Quakbot
2023-05-17Ggbm.jsjs e26474300d2b2866aa4cff01c3fc1f322d4750cbefe5bd4291140af6472b0b57n/a 
2023-05-17Anscwm.jsjs 342f14f1296bb5078a8ee19a7c6b30f831974d2185cfc9dd7f529c0096569011n/a Quakbot
2023-05-16Hylspb.jsjs bed11a66200789d1dec6323f3395a731a38c219fd95ce57470727af7144091b1n/a Quakbot
2023-05-16Jczjy.jsjs 4639417256e88b0e33a92a63a95e81596f8b73ee9cd4bbd4be3e10fc3e141097n/a Quakbot
2023-05-16Xihpyf.jsjs 7ab04f4eac3865f54f6ad6750ddeb1e8b0ab9550d9c6f23ad13d9a5a677ed56an/a Quakbot
2023-05-16Tcetpqqg.jsjs f7daa80c2d42d627ecdb0daab9728dfa57f64f69e4b86b3c0e9c4a0d4b746cf5n/a Quakbot