URLhaus Database

You are currently viewing the URLhaus database entry for https://cambodiatg.com/mit/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634490
URL: https://cambodiatg.com/mit/?1
URL Status:Offline
Host: cambodiatg.com
Date added:2023-05-16 19:09:14 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100116746 created on 2023-05-16 19:10:07 UTC)
Takedown time:2 days, 2 hours, 15 minutes Poor (down since 2023-05-18 21:25:25 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Wzsix.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Tbba.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Nfobkvou.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Skecw.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182en/a 
2023-05-18Sxiee.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 23.73% 
2023-05-18Hdet.jsjs eb40b9246889e25a0aa869bfab07adf9622ef027a8ef2ca488d9926b5a39718fVirustotal results 27.12% Quakbot
2023-05-18Nteqskd.jsjs 784d0c23a7299fe8f5a79ce4f83765cd48535cf1afc25d542a0f854f8049d149Virustotal results 27.12% 
2023-05-18Zqxrlr.jsjs 5eecbea9208745932f291b3156e7036997e4b1e93f7bb53a270cae7c125aa079n/a Quakbot
2023-05-18Rhuw.jsjs 2936b6742f1d05f0f4625a1582b4bb5e44cf16340984eb0eaf2118709e5f7933Virustotal results 30.00% 
2023-05-18Aroft.jsjs 9e158a8d22dc98e3ae057267f1f3abc2cabc910f829c052269762460d602479aVirustotal results 25.86% Quakbot
2023-05-18Zpfbw.jsjs fb2bca8ce3aa4207fc636e9ebc34bb47cc0d9b6a233352bff3b6875b6bedce3dn/a Quakbot
2023-05-18Abpsd.jsjs 399c7eece18438ba4f325cfc3863d0603d1237732a310fa2124a136ff2a335afn/a Quakbot
2023-05-18Ihiivt.jsjs 8ee5d86b74cd803753d211be4c64578d8d39e7dd487d114bdbe044505063bb7en/a Quakbot
2023-05-17Nxkzm.jsjs 6fc84f16bba8f14130cc061d7ab41c424fdccd71398b2bd8c1f4300ffffe8912n/a Quakbot
2023-05-17Dvpvz.jsjs d6e5d8bb312aa607d892cd90a910040c5ff30ee3a76f41fd9c177f3c09b59f21n/a Quakbot
2023-05-17Stcnlss.jsjs a99deed91507b2e0aa98b17753892aa733b12eed707f493c38359420a3a4f109Virustotal results 25.42% Quakbot
2023-05-17Idhq.jsjs ee8f7825f5b87fbdb90f5bc8eff0cfadc358c64cfca2dcb37acfd398d5b2f201Virustotal results 26.00% Quakbot
2023-05-17Xkpa.jsjs 93492712919e0adee85ebe16363f99eb8fdbfe7f055f8645bf21322ce803cc13n/a Quakbot
2023-05-17Knydna.jsjs 26a9ccdd2cb5bd68aea8b06532a4945f8f6585f5ee8e03fd64c7dd7ba9bde535n/a Quakbot
2023-05-17Knbwtcfv.jsjs b5e43b4ccd0107bcf4e8ce081135f2adb345ba3df9a4df5637d3cd9e08b43ba8n/a Quakbot
2023-05-17Sxbkaiph.jsjs 7f811ecad7f8bde45c4d74da6f87e1e65be830e25486c5f6458b01acc3520aefn/a Quakbot
2023-05-17Umhazs.jsjs e48ae1a638c66be2199620982362e0331078fa45207eb4f264aa7b026ec562b7n/a 
2023-05-17Barqxr.jsjs 1bea8d3abab0bb6f79fd4d0700ee64f0b16c5452bec60b84dadbe53f2f66cea7n/a 
2023-05-17Yinx.jsjs 75c451814231ff99d5d989b9f9139b7f3482ede485e06c4b1357d4692eb3457en/a Quakbot
2023-05-17Vydz.jsjs a70aed546ab8ee66c375d0c69f57525bc8c581859866c883fb9f92f1e0909df6n/a Quakbot
2023-05-17Ftrjdbn.jsjs a894306e7e1f57ff406aa1024b21a811b65c22688f6bdcdc7b773268042b471an/a Quakbot
2023-05-17Rllfrr.jsjs 26f49aa93d5cf7c9fd011718942c461f08d9d4200d402965209c9172af211126n/a Quakbot
2023-05-16Xtkpewzl.jsjs 888b54a0807617b0768ba6f3bea7a1e31a51ce931c5077e07ee6b4364b1b073dn/a Quakbot
2023-05-16Tqwsajs.jsjs 2d37941aab9e559a7e1aeb730a84791ab2f13b3b8433db823857d8a707b94ce4n/a 
2023-05-16Zcqf.jsjs 68578b404ca2be8c3ee1a76f64ea99fcdf8b65e2bd2c9f0537a79ee437dbcd39n/a Quakbot