URLhaus Database

You are currently viewing the URLhaus database entry for https://bimskol.org/otu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634449
URL: https://bimskol.org/otu/?1
URL Status:Offline
Host: bimskol.org
Date added:2023-05-16 19:08:13 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:09:18 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 2 hours, 32 minutes Poor (down since 2023-05-18 21:42:12 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Wslzrnso.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Natu.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Aiikauaw.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Hlytl.jsjs eb5fa9ae1eeb22504ef26464c9e5faee49e16e7b96695523bd560218d2d3dab7n/a 
2023-05-18Rocx.jsjs 20bd75aa446aa0b87c0d7042cd6119cf26dee2dedc5fe401477ada73a6c84e1eVirustotal results 22.81% Quakbot
2023-05-18Uvddq.jsjs 55de6657c16f6c71d27bc0cb38580d689241943b653c659ae89fd4b63fdc279dn/a Quakbot
2023-05-18Svut.jsjs 45a695a6696ee2284f34ef03f76d7192a3829a64f1ae5f5216bfd36983231680Virustotal results 26.67% Quakbot
2023-05-18Fqfqay.jsjs 7e29b555dd10291e663446073640ea5519a3e38a3655264511bf14299c86dccbn/a Quakbot
2023-05-18Rzybgoi.jsjs 2c6c3f6ffb898b9a29cc0a5ec84ccecf30800496946b378d5558f81798278c3aVirustotal results 32.20% Quakbot
2023-05-18Ffpasal.jsjs 72c9727d22512473f4aa27d93e0c15ae33a95784d9804b057275d0d7d8b0a361Virustotal results 8.62% Quakbot
2023-05-18Hwdcdybz.jsjs 093f4994d50fb15a657ced4731d4109a45ae410dbe91554d201d3ad2c44501acn/a 
2023-05-17Jqrb.jsjs cd8a39cd43a8cbb2e0c04b201b7df230226fe2dd696ab5c20c9ecbb16cc723f3Virustotal results 24.14% Quakbot
2023-05-17Rxytf.jsjs ebe8f7530444ccce930ca2eb9bce9d1a8dc83786f22d231c9b0ecc1b37803d8aVirustotal results 23.73% Quakbot
2023-05-17Pydfmg.jsjs 9fe91aecf500ad9c63e2325310e5a0f358434ce9e04f697e1173ad6af1956453Virustotal results 25.42% Quakbot
2023-05-17Efvhpzuk.jsjs ccdc371fa95a2dc8192ecf73826f489942857addced0e8ce4b9aa969aa98381en/a Quakbot
2023-05-17Rsrap.jsjs b0be9915846a032654d7a5cdc2488d13fd892ca71f707d67ef917a7ed79bd43fn/a 
2023-05-17Xggpqkbj.jsjs 32191ec86c3fda99957a4e78362b4bad01545ffe830b5b5c5c32ed9c92fc58ebn/a Quakbot
2023-05-17Nsbccf.jsjs 37dfc4f0a00904e349fd56b330748fba27b43ebad14ce22ba20df17809091c27n/a 
2023-05-17Ndgympf.jsjs b2e6bef748544095abe8ee6d88a3182e999b9294dabd7b9b52328ed8562185bbn/a Quakbot
2023-05-17Mxhsfhtk.jsjs 2012cef634e5cf2279098573ff98967be75901d6ff87fe2adcfdf1a7793bc69fn/a Quakbot
2023-05-17Opvymemr.jsjs 8d85f9eaec6fa9c314e840a65a28cadcc1b21fec6b3de5462dd5710c5c1ffd21n/a 
2023-05-17Usiee.jsjs b54f7e056434b00dfd26aa26f71eee76ca7a354c0b0bf99d333a2c4698f98f59n/a Quakbot
2023-05-17Dqzsyjik.jsjs 1d9ae4b0935a57fcb88dadca8c37785dc3fdb099461d553321da3661bb5e1094n/a Quakbot
2023-05-17Pruarda.jsjs c130945eb94a206327abab4ffaf8a835714c80fac4d633a4616b7d8512ee0a95n/a Quakbot
2023-05-17Qdkdveuo.jsjs c8be9c43091eefd500b7afcc9147a69f0b35bb5e01475148b5f716ffcf5e9d6bn/a Quakbot
2023-05-16Hzzsn.jsjs ecd053cff7986363a1f2f3523a35ddb46e871471a518ff1919af22436dd5e784n/a Quakbot
2023-05-16Bptf.jsjs d99a17f7a0d1214321064b200c8c890d1d685f099bd346d30b99e6cb191dff89n/a Quakbot
2023-05-16Gkmlm.jsjs 384ead1c2e6dd1cf3c128acd9857eb4ed06c828dbd1a9b6c5b59827f77bd5facn/a 
2023-05-16Ypmf.jsjs d0645e9a653b62e2170efbd657358110da80a7aa8472909e6f431f467db9c748n/a Quakbot