URLhaus Database

You are currently viewing the URLhaus database entry for https://bestachizitii.com/tma/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634466
URL: https://bestachizitii.com/tma/?1
URL Status: Offline
Host: bestachizitii.com
Date added: 2023-05-16 19:08:19 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 19:09:32 UTC to abuse{at}romarg[dot]com)
Takedown time: 2 days, 2 hours, 56 minutes (Poor; down since 2023-05-18 22:06:24 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature