URLhaus Database

You are currently viewing the URLhaus database entry for https://carnefina.com/uum/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634485
URL: https://carnefina.com/uum/?1
URL Status:Offline
Host: carnefina.com
Date added:2023-05-16 19:09:12 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:10:30 UTC to dcundiff{at}a2hosting[dot]com)
Takedown time:2 days, 2 hours, 17 minutes Poor (down since 2023-05-18 21:28:12 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Melocw.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Mhvgfl.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 24.56% 
2023-05-18Pvcjfv.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Ttbc.jsjs 85dbbf9639b6286a3943617a35cafc77fa02bf20ebb0bcc19fd21f701af07de6n/a 
2023-05-18Mmaxgtv.jsjs 020f938e3e5a80465883b947cf72e1604c794e693956eee1cc4707135129fd43n/a Quakbot
2023-05-18Inmkqh.jsjs e000b46c0d6abfd08c10602eb092657cdf4c49e578302729b7d31ae55a978a5bVirustotal results 18.64% 
2023-05-18Bndl.jsjs 0efda647b9e6537d80702573e14dad4cae7edd5bb92d94eea0f136b93fdc03b7n/a Quakbot
2023-05-18Iqfhg.jsjs 3f14bbee3c8ce3a67b5dfc257b5cff8e6f131ed1b17c77a50e705cb44af1c616Virustotal results 22.03% Quakbot
2023-05-18Gnijztg.jsjs 5e1581b1da5a05a5baee064cf15334c7199e5808fcb9b16decf62e6cb66940c5Virustotal results 32.20% Quakbot
2023-05-18Bfmnsab.jsjs 05dab37be019900d575f8a51485f2baecb4fe212712970c486fb711a173c6290n/a Quakbot
2023-05-18Qbuy.jsjs 3bb38fa6f98d4d9251f3db4a5374a212389305ea2079c93ed01408cb473d434dVirustotal results 15.25% Quakbot
2023-05-18Tvqdotke.jsjs 56e1630e4d5a2e6b1c2e4e5494d4f0934129788140e2bb2894da4d50c48ece66Virustotal results 27.12% Quakbot
2023-05-18Hbpxzsfc.jsjs 6c2bc2e984886cdc84fd988cc8504fd8737f22afe09cd972d52344c526d16d5bVirustotal results 30.51% Quakbot
2023-05-17Rulqye.jsjs 36fa7b7d4e7fc7c9366c2fa6533c47fd96cdc2d9a6f2c3a9025fc4271c5d4c18Virustotal results 24.14% Quakbot
2023-05-17Npdxsofg.jsjs a84a8c5338c73e889cff9d58c510657f8624b8deedf847eef71befacab5ed60eVirustotal results 20.00% Quakbot
2023-05-17Bmeal.jsjs 81f0fe1ef9b350d79e5c368c2f73deec42c5a379bfbbe52f88c1c79ee481b5e9Virustotal results 11.86% 
2023-05-17Bsqzfdb.jsjs 269dec903e55df2babe1cb8bb498ac7fe56d2a079cdf89c2d5c354b7a8fa1250n/a Quakbot
2023-05-17Yngb.jsjs c63bbe3dc673315fe3da91f26e53709a754546f9d2fe9fdbbd7dfebbf28c116fVirustotal results 23.73% Quakbot
2023-05-17Yepp.jsjs efc10c85b0f60f774980c7250e0358ab61ded2a4d2f8fed854bf14d05af6908en/a Quakbot
2023-05-17Tgpsp.jsjs 2e6fa76c0870d4318d71a8defd95759f831cb88397931327f00478d853bc9525n/a Quakbot
2023-05-17Rjindunw.jsjs 7651cca96a651b16e27c653220a0948d71de2af6b16c27f18ccfdd7aba2ca07cn/a Quakbot
2023-05-17Cfzac.jsjs 8ab61dc9a37e15b3d59c23f87f9d252bf72d52a9c120f5d6c8b9629cc9ffeffan/a Quakbot
2023-05-17Lysln.jsjs 0ffc85c692dc9a99522d8ef1f10a5c3679f2068685c3be1c4b873da70d5dd87en/a Quakbot
2023-05-17Xgpv.jsjs da72f6e57d003bfeb1a9389ebb5ea76a5cf1867526e9b66e0476e001a4ee5c57n/a Quakbot
2023-05-17Dbkmqsml.jsjs f4e0c544cf6cdde13ef76f803ef2a1ea75ba11445791c23f8a4e5b887ee583fcn/a Quakbot
2023-05-17Cewud.jsjs 37fdca191150c58a2c6943d4094e54e0f69c4b045b9df81779ecf81c9fcc59f2n/a 
2023-05-16Pycqoxln.jsjs 8cf2b7848ff250d35dfcdebfdfef313656722ade34b80bcaf3441d678f4e1b60n/a Quakbot
2023-05-16Vbrny.jsjs 7b10704a517c52a7ae9740084dd677d3f91e748bfa2c1a948dc626d2b7d3c44dn/a 
2023-05-16Mqgpbs.jsjs a395c357ecb731dde00bc29151c0cf57b89559cf1218f5875f9ab853bc545e7bn/a Quakbot
2023-05-16Coop.jsjs 5aaeed8ada8fb1ae2b14d615093a35bc68b4bd6dad6389e2f38eca014e5a5177n/a Quakbot