URLhaus Database

You are currently viewing the URLhaus database entry for https://cambodiafirerange.com/ema/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634489
URL: https://cambodiafirerange.com/ema/?1
URL Status:Offline
Host: cambodiafirerange.com
Date added:2023-05-16 19:09:13 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100116745 created on 2023-05-16 19:10:06 UTC)
Takedown time:2 days, 2 hours, 11 minutes Poor (down since 2023-05-18 21:21:32 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Wmxxbe.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Xvojnw.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Rynpmkqt.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Iwexizu.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Cccqyll.jsjs a9f2a0cb2e1331cb0fde62a0318a6e4666f4e283157690f3f7a1059aa73b2f71Virustotal results 30.51% Quakbot
2023-05-18Vpqozjap.jsjs 0a976cddfcc0bc1b5776cc8cce0d9d1c9fbddfee4017434169358a45936d3ab5Virustotal results 27.12% Quakbot
2023-05-18Qmnt.jsjs 9b64ae131a9769a5a9c68d07ec022e6c1bb857b911fd3e4ba914453db7e4b317Virustotal results 25.42% Quakbot
2023-05-18Osnoy.jsjs 9aa3958dd376fcd792957165b53999bc05bdb411a0ea61e30b7787e1a7cdfbf0n/a Quakbot
2023-05-18Fkxkryj.jsjs 8b2b3c3498bea970b5883a908b36e4437b9809a010cf2df44004264d33d66dbdVirustotal results 11.86% Quakbot
2023-05-18Agrdof.jsjs fb5908d59b642acad4cc8e4b40c8003da06b37e422221c358758d820f2c0a53fVirustotal results 23.73% 
2023-05-18Zyeneqz.jsjs 27f17e9ee4e8f78f3e02acac452da67130c961c7c0d07e9ac05fe68ed2f3c07an/a 
2023-05-18Rkmos.jsjs b4b9340a057e2f27555df973e95af7d75b991cadbf943c5f48de2cbda1e3edcdVirustotal results 29.31% Quakbot
2023-05-18Ealfxbjf.jsjs a64cebdd853596ce95beeb112b9dfab6eab26ff09b77eaad1c909cb1b6cff48an/a Quakbot
2023-05-17Umfj.jsjs ba7f993248a05baa4fc8af51ce3e8f89889e817065c4b964cb37bfc088ae75d1n/a Quakbot
2023-05-17Bysycya.jsjs 75203d83c417a2bcd9a5298c46ac9c2befe4e75e7e2c40722c7b8f59a2232c98Virustotal results 27.12% Quakbot
2023-05-17Sqlz.jsjs 4199aea159f7829cacce2dcf979b07474ecef8f9e346c83817680cf1cccae1b3n/a Quakbot
2023-05-17Bkhuue.jsjs 6a36fcdbced70acfd047d3132e249ef81960cf97f62f9e391e672db0ecd19f13Virustotal results 27.59% Quakbot
2023-05-17Jlwo.jsjs 213ee67765673cf53e5f361c49a1bfe40187ecfa07f72bd5a77d13e1f437edf4Virustotal results 27.12% Quakbot
2023-05-17Pgqypyid.jsjs b9db0988cfc1418354e6e55c54e7346c335a55a40661a6907d35143a9f8f8f8cn/a Quakbot
2023-05-17Lqfawwly.jsjs 4fc44d998f2dd5c9dd8a2b1113af13a124201f3cd8b1f55511976b52294ef5e7Virustotal results 23.73% Quakbot
2023-05-17Zftshqs.jsjs beef899ba8219a03c41bf9e97b364026e3d2eb2d81d0025e5fbef4ebb7e6a4d7n/a Quakbot
2023-05-17Nshajf.jsjs fc840fb7e0eb26dce42f6c1c7533c2374922bea0c78801eeb6f3eef15af24a2en/a Quakbot
2023-05-17Opjjw.jsjs cad30279a86e64eac80afb1f34703eadd5573b4ba9fd243f5464f9193c1952e4n/a 
2023-05-17Wlqcgg.jsjs 31425fbcee255f357099d92700d560811734ce6d4aa107a2efd7152793e0000fn/a Quakbot
2023-05-17Ntzwo.jsjs 90a9307baf9cf031add338bb0b8c68fb09e14c4bc353998ff4fa307353059be7n/a Quakbot
2023-05-17Qghvtm.jsjs 8619a4718d5d01e26ef06c0facbfcd26f0c69330c79314fb8004cd73b0c8e2a7n/a Quakbot
2023-05-17Qgmuryf.jsjs 0744d6ef71852b894083dab78b18579dcae8c3436e09457fea8e63a3410b1ffen/a 
2023-05-16Qpjzcpj.jsjs 76fb7c97328bc1b036c26f1c48a825f9a7c901f18ed5a6bb6ebdd4fc06c4e3d8n/a Quakbot
2023-05-16Ibtxnarb.jsjs 5068a3c6cdcb566cb38b0d676519c9d692db0900380c6241c2aa7b31adac525an/a Quakbot
2023-05-16Grrwmbm.jsjs ac0a99690706bcec1a635ef97fb7f266b3cd26d03c5cd09aedb3f911d4d3e209n/a Quakbot