URLhaus Database

You are currently viewing the URLhaus database entry for https://marcusavila.com/ul/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634567
URL: https://marcusavila.com/ul/?1
URL Status:Offline
Host: marcusavila.com
Date added:2023-05-16 19:12:12 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:13:14 UTC to abuse{at}cloudflare[dot]com)
Takedown time:2 days, 1 hours, 52 minutes Poor (down since 2023-05-18 21:05:22 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Kmsu.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Ymmqa.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Jhoaiqmv.jsjs 0189eb01c9b62f3056ca75448fd0554973e7cfa9629c373019770419e9e970ddn/a 
2023-05-18Vruhgsk.jsjs 3f883b067422272c3b10eea88505351741b599d103f66676cb75912106735cfdn/a 
2023-05-18Slkcs.jsjs 37f6c3ef6d545c8b3db46550b00329b03390e7d7abfa74c5b03bc0c85f07af15Virustotal results 28.81% 
2023-05-18Eaens.jsjs a6974773e37cbd56791b75effa167213997aeaaa65d704bd1de8aac6d9dd42ceVirustotal results 30.51% Quakbot
2023-05-18Qiwdcb.jsjs 91a5198c948c77a1f4e846013f6bb7d2ff376ca399e58f825e90cfbaf5c3c773Virustotal results 25.42% Quakbot
2023-05-18Hcxbxpg.jsjs 8a9af030d5759e428811a44e1582012c64fdef7059286c4c1693f13566e2d3b1n/a Quakbot
2023-05-18Cwvbpdr.jsjs 03cdab834b6a7165627af8e82df4d52dde740aa3481625a88ef76e122b7b2894n/a Quakbot
2023-05-18Salakhsq.jsjs 19f01a32bff6fe9b165ef850e438aa1e9f6ca0de31dcfa4ad489b61367cab1e2Virustotal results 25.42% 
2023-05-18Fpfvng.jsjs 397ed6d5f113de3b5a638878e1ab22bb58f5fb493aaef92441db571bcb4c81b5n/a 
2023-05-18Mregvl.jsjs b76a46e9b0db483e342c390f25663222fee2e67cb7670205636c7ee748850b86n/a Quakbot
2023-05-17Vlmcun.jsjs cc1399eba326d79dc397363937989a81822144dc05e184cd6d904bbf2617e9f7Virustotal results 22.41% Quakbot
2023-05-17Chlurob.jsjs c1064ed6356f294c6981938454ee3a3712e5e63930c1554a3c1602eacbd6554dVirustotal results 25.42% 
2023-05-17Gtagu.jsjs 1a1943fad765d92f9e4afa5ae4df4ec80c61fe42d83f15ab13027ced2e33bbbaVirustotal results 25.42% Quakbot
2023-05-17Ssfdajuh.jsjs 23fb378ba68beb5c6b1281c46215b56754ce9f89836c50f35b59615c2f79b455Virustotal results 25.42% Quakbot
2023-05-17Nxpp.jsjs bc08bfae3a441cb9485634aeda5f5ae4cbbe5e36cd98ce7b2812cd62ed4e5034Virustotal results 25.42% 
2023-05-17Zewou.jsjs a18a3c0e37cfc92a00d139f4aebd7996690f4428dea318f028570bf9037d8aban/a 
2023-05-17Fbnkb.jsjs 7001d12f0aff0c6712230ed17f0fa70b2b0f2f7f58554663f28e687b643386efn/a Quakbot
2023-05-17Npkfpvm.jsjs 44e45c975ea8243f651e5fbd133278dbe97f9d1467ffe4c8b506916259756aecn/a Quakbot
2023-05-17Zqldbjp.jsjs 9a9d8818f78214dc088884580a23eaf220e5f9d4232ec8bd675aa8a15f2a9c29n/a Quakbot
2023-05-17Addzslx.jsjs d57cd4794c4c56dd84e4cf45edb9a662c9a9d7b06d80db29572a5c782081ab3an/a Quakbot
2023-05-17Lbggdm.jsjs 6027ac42dffbad997efcc9a6b12742645c22d786626dc09f51295c4ecb7acf1bn/a 
2023-05-17Ezwycxvw.jsjs 211412b62a55c76cfb30e0b71663a8d83a9bc3c25349ca7fb3a45009373b4de0n/a Quakbot
2023-05-17Vuen.jsjs bc8cb329795dae8cc8e361592d7a825e04f6f6091bf9b2612887914d56c73fc6n/a 
2023-05-17Rnlyxel.jsjs 0c90127cc2d497e8f81feaf5df764c263f8fc17c2517886a9a9bf35e36b2d5b9n/a Quakbot
2023-05-16Lthv.jsjs 7e5d02ea6070d1c976be78ae0b4d04927edc27ec18540f098c53ef19e44b357en/a Quakbot
2023-05-16Myowqllw.jsjs 1e1a9bbfb2e160f447040a47c7a9d1ef2f06f31328b90cc815ae24e0ebdce189n/a Quakbot
2023-05-16Zxcr.jsjs b1930c919099c95f5b00260fdc3cc28d96120184247c8ee61fbb2979b9aa99cfn/a Quakbot