URLhaus Database

You are currently viewing the URLhaus database entry for https://heyheyitsme.com/eiia/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634531
URL: https://heyheyitsme.com/eiia/?1
URL Status: Offline
Host: heyheyitsme.com
Date added: 2023-05-16 19:10:19 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 19:11:27 UTC to abuse{at}hostgator[dot]com)
Takedown time: 2 days, 2 hours, 0 minutes (Poor; down since 2023-05-18 21:12:05 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
