URLhaus Database

You are currently viewing the URLhaus database entry for https://countrywidecapitalgroup.com/sun/?1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634470
URL: https://countrywidecapitalgroup.com/sun/?1
URL Status: Offline
Host: countrywidecapitalgroup.com
Date added: 2023-05-16 19:09:10 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 20:55:08 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 2 days, 1 hours, 51 minutes, rated Poor (down since 2023-05-18 22:46:42 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
