URLhaus Database

You are currently viewing the URLhaus database entry for https://manubirdinglodge.com/tt/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634565
URL: https://manubirdinglodge.com/tt/?1
URL Status:Offline
Host: manubirdinglodge.com
Date added:2023-05-16 19:12:12 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:13:11 UTC to abuse{at}bluehost[dot]com)
Takedown time:2 days, 1 hours, 50 minutes Poor (down since 2023-05-18 21:03:43 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Rdqwluhs.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 23.73% 
2023-05-18Kkahlgw.jsjs c9405181760bf1482ac0fcca4034002716ef5a48bacdfd80e3cb5353db6fff56Virustotal results 25.42% Quakbot
2023-05-18Orofkvsx.jsjs 759b7245c8f5cd0c5db7853442c740696c4a66caf8aae6a281b32f063f6c660an/a Quakbot
2023-05-18Wtpjsxo.jsjs b0be9915846a032654d7a5cdc2488d13fd892ca71f707d67ef917a7ed79bd43fn/a 
2023-05-18Icemch.jsjs 2dba215a58d9e94365ddf7dad401aaefe0258795b13308a0521c655fc8cbbb26Virustotal results 15.52% Quakbot
2023-05-18Ieogr.jsjs ec038ef76ec39d36971e8a801105bd271b7e7c72a23435f57313e54e0faaac27Virustotal results 17.31% Quakbot
2023-05-18Iqxsst.jsjs 3833419abb83fe2369255a23b3fa983e65047ca005c0dee0d772efbdbf8ee75fn/a Quakbot
2023-05-18Zryirx.jsjs 7f5bfd748f09cddad1977aabe48a77b4aa3281b4bc9ac685ca0e53226b92c107n/a Quakbot
2023-05-18Yeyrwr.jsjs 1126eb773737ce63bcc031813a3893e30dcc5b6a0f018496a3e0106fdf1783d5n/a Quakbot
2023-05-18Rzpgdk.jsjs 783e0a457afb1237e0956e6ff847bfcdb49ee23036f51b4621b534f54d67112cn/a Quakbot
2023-05-17Sipn.jsjs 6ee195c06baf35069572750e08cf581ee2a7a59c0b75faff8c5284a839f34ee6Virustotal results 32.20% 
2023-05-17Qncgyh.jsjs 26bcf4ed38ca973b884b3322675bbd0b590533240961f9fd6272fa3e3aeba113Virustotal results 31.03% Quakbot
2023-05-17Dsbq.jsjs 4a91fb2765da3056fe04bf5254fac9eb72f1fb4f8026845d71ffe672d4daac8cn/a Quakbot
2023-05-17Ogcqh.jsjs 6a2662394ca0402750ab97d8fe3a3010858b9dd07c373ce3b2579f8f0b13364eVirustotal results 27.59% Quakbot
2023-05-17Rvuu.jsjs 93bba231e08381a78fea4f6623a38ef11130273ca9bad59f5132b68797d90d23n/a Quakbot
2023-05-17Dhhrxjx.jsjs 0af9a445f31e51c20a58fad5f35d353da59c49e684bf1db02c436c4d7f7f18a6n/a Quakbot
2023-05-17Awdctb.jsjs 5e1581b1da5a05a5baee064cf15334c7199e5808fcb9b16decf62e6cb66940c5n/a Quakbot
2023-05-17Lqcgfse.jsjs c169a4f3e9ce99d59897edcfdad4bd6ad3b671eeb730932dce6a8bb6f616b0cdn/a Quakbot
2023-05-17Mwmnyll.jsjs 55b7baae8f61a502c2117af84f6ad0e5dfdecb92602cd55462d97b584438e733n/a Quakbot
2023-05-17Kklwtua.jsjs 9170d74312a57482b4373591481b382d3523f26644365de7b0246cd8048b3fb3n/a Quakbot
2023-05-17Vetqtm.jsjs afca8420fc80f59554ca02ac9728e24e53c3b0e97a5cff6d75e205def071f543n/a Quakbot
2023-05-17Zxmbcgv.jsjs 95255eddc10985c267faaac8a9f20e8974a1ec57688690b031cc5819e8eca1cen/a Quakbot
2023-05-17Luckeu.jsjs b33e803ca9a4c408c12bf8e6b267142e16460678d42953bccb7f08438786c299n/a Quakbot
2023-05-16Wqsnmi.jsjs 2c3a445812bc0081804bcc460d0f47586418a870e7301827eae2c3a85732590cn/a Quakbot
2023-05-16Vsjoukza.jsjs a7f18c66dcb33287733c00e450b49ab20421487da5f29385d781de3a5bcb1255n/a Quakbot
2023-05-16Ppmuhmg.jsjs cdd01a3b5adf3701859e30e262ee921f885fe56e5e9eb1e962e0b1777e7b6718n/a 
2023-05-16Bghslgs.jsjs 912c30b0bd0fa4e8d4bcd3eb0af027592740ca5c82934750cb541803f46a318cn/a Quakbot