URLhaus Database

You are currently viewing the URLhaus database entry for https://charlestonunderpressure.com/ed/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634486
URL: https://charlestonunderpressure.com/ed/?1
URL Status:Offline
Host: charlestonunderpressure.com
Date added:2023-05-16 19:09:12 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:10:31 UTC to abuse{at}hostgator[dot]com)
Takedown time:2 days, 2 hours, 56 minutes Poor (down since 2023-05-18 22:07:07 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Zligr.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 23.33% 
2023-05-18Yiuyzn.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Ckhwh.jsjs 2805dc9f718f68c7daf0cae2b00b6ed8bd0a6e3a957fcf340055a17cc4ef7ef9n/a GuLoader
2023-05-18Navr.jsjs 8e13d078cc5a623e77df862498a637bd089487d45c2af8d1413f79f59d94dea3n/a Quakbot
2023-05-18Vqvoul.jsjs 3e31ea9bfd38c94deda13767d5f82b55906ac8a767e595d59f2fbc92588d23e3Virustotal results 32.20% Quakbot
2023-05-18Davy.jsjs 16fe8055701bf9e829e70c4811b31fc75aec4d03582697ab493fd530e84ac6cdn/a Quakbot
2023-05-18Senp.jsjs 6637cd86cb6d1780d474d49c347f8accc08a24f73ec7d212ecaa591e370d7e1dn/a 
2023-05-18Yjtzz.jsjs 3c65c87cf0e371c576074e364d5d415f782faa5f2381909a0cd1d6d3e16b21a3n/a Quakbot
2023-05-18Jiqejqt.jsjs a6974773e37cbd56791b75effa167213997aeaaa65d704bd1de8aac6d9dd42ceVirustotal results 30.51% Quakbot
2023-05-17Shzedp.jsjs cc3f6d63f84cc1a94c7b2a3942b9e0df2af0f247cf2a81b2ba18f33ce401310dVirustotal results 27.12% Quakbot
2023-05-17Ldgckh.jsjs c7350bae160037853cf976ce2975bb3bf2a766449f69080fe67c733cbe18e005n/a Quakbot
2023-05-17Jchbka.jsjs f2a2ace114103a041e79ed5165b96ac32d3595aaa0c8f1ff92533be7728179a4n/a 
2023-05-17Ajmouv.jsjs a45416e3d9aa47760feeee7375be42c3748b04b0d9c6c573bf4db2cfa07929b5n/a 
2023-05-17Glpe.jsjs 29d88d7a73d988b2b2c5ddc76ac150742366a2a8c379758bf47f13c2fcf01346n/a Quakbot
2023-05-17Orzg.jsjs a3406278c88b33249a6b920c825fa8e4859cc3a7e68ea22c5637b5f32c9cc220n/a Quakbot
2023-05-17Ummkiyp.jsjs 3aa262a1bc10014805b4bf1e9d874e61b8d7747ca7132c2f8098b66cb397cb7bn/a 
2023-05-17Qbwpxkru.jsjs bb52f45c23cbbdf1fca08e8735a9596241e03f9cdeed47bf0daa772d79b8c8e3n/a Quakbot
2023-05-17Ostdn.jsjs f32ada023b5faeb0083304ff3fa48b1029ee6e4ca930ac78a29e0ee49a3c40d4n/a Quakbot
2023-05-17Vncga.jsjs 586a20529268ae687a1ddc2150f3354ef4d92a92eadee3e0e9bf917e421b9660n/a Quakbot
2023-05-17Bfiinfzu.jsjs b023baf989c94c7a1e466e3655c422e0d6566668dd2883f0aba6298dc5e15388n/a Quakbot
2023-05-16Catwyhs.jsjs 4ab8d8ec8f5a222c29d1754b01ed954177bb70ac5b40decd7161f3ee2b80102cn/a 
2023-05-16Glpiucaq.jsjs ebdb30fd710e68fc920c3ba0e53033eaa8ca6dee11081bfa367251ca30f8a514n/a Quakbot
2023-05-16Gszxthpu.jsjs f3b4acac16ad49867a433e0902c0cbde3dfc53f055a65f60d58f4b2cf2b7b0can/a Quakbot