URLhaus Database

You are currently viewing the URLhaus database entry for https://mariarebecamendoza.com/tu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634578
URL: https://mariarebecamendoza.com/tu/?1
URL Status:Offline
Host: mariarebecamendoza.com
Date added:2023-05-16 19:12:14 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:13:23 UTC to abuse{at}tierpoint[dot]com)
Takedown time:2 days, 3 hours, 24 minutes Poor (down since 2023-05-18 22:38:01 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Cucc.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Yjlbnwnw.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Cwvyvgz.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Zkspl.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 23.73% 
2023-05-18Qbigg.jsjs a74b08fd8574636c900a77d9d50f0c7d91b058b6a82d501d33a366e1e7c3d343Virustotal results 25.42% Quakbot
2023-05-18Ydte.jsjs 9e158a8d22dc98e3ae057267f1f3abc2cabc910f829c052269762460d602479aVirustotal results 25.86% Quakbot
2023-05-18Vdpre.jsjs f15cee857739e493f0b99f7ec002e9fd76dd37b87080807a922a414a5294c989n/a 
2023-05-18Blfoejw.jsjs 9aa3958dd376fcd792957165b53999bc05bdb411a0ea61e30b7787e1a7cdfbf0n/a Quakbot
2023-05-18Jknexosh.jsjs cee11dd3e06833ff80c75ab19feaefb05e62b347d9ed97e9ecb8f4ac5a889f95n/a Quakbot
2023-05-18Pjgsapv.jsjs 41d25fd2c9445a58f5ae64b05b6042873508bfb85efe4b1b00c3c1b03c4f930bVirustotal results 27.59% 
2023-05-18Nxsx.jsjs 69d10bf1c18cc7df540de106a1056c5af79f8b60f1ffae762d06532cc84375d8n/a Quakbot
2023-05-17Trgqjebt.jsjs b5e43b4ccd0107bcf4e8ce081135f2adb345ba3df9a4df5637d3cd9e08b43ba8Virustotal results 21.15% Quakbot
2023-05-17Kspwarb.jsjs 3833419abb83fe2369255a23b3fa983e65047ca005c0dee0d772efbdbf8ee75fn/a Quakbot
2023-05-17Gxokilvd.jsjs 307a3ef8bc1930af1d46fc60bac9820950e278feee14f7a931ac745613568698Virustotal results 23.73% Quakbot
2023-05-17Pwplxm.jsjs 55de06acc13c3b8fb3ea954532b87c6283eec6472441480e92d849103b3c6688n/a Quakbot
2023-05-17Kpkwyar.jsjs c5b4c29787160ccb71f79ff6637aeac99008ef606c71a4b14629e1281f03f74aVirustotal results 22.22% 
2023-05-17Vutlnlpx.jsjs 24cf08aad92d93dfabb65546276958ba1bad72825e0af1a4fe5d2a2f0d2a451fn/a Quakbot
2023-05-17Jyodvsz.jsjs 15abbc922de384ed273fbc1a2e831ab1024bff793998f2cea3c69abd68a85566n/a 
2023-05-17Xqbygb.jsjs 3b2e02dd971a4fa65de5b91bf48fcf7c3d205613d6cb312a07fa24b901b03e28n/a Quakbot
2023-05-17Rxndt.jsjs 05b0e489cb0d1ba6d3d6a6e461e7d2c8b8cb40c1ba48e11d7a88a6aeb9eae40cn/a Quakbot
2023-05-17Avujph.jsjs fc0ecd6e7675ee31242ee5550eb74d8b8f34e52a067ca1ae6bbea91e77910fc4n/a Quakbot
2023-05-17Vlcmy.jsjs e11f1e55564a81c5f0607a3c83769842f922499fad4bb2c90cd687bac6e64d44n/a Quakbot
2023-05-17Qynkkxf.jsjs 08dfa3b802b7f58481d4d0a7790b9ec47ac81c997a7ea6492f8efaf7475836b3n/a Quakbot
2023-05-17Jfvsee.jsjs 3e0ca99dcea42063efe08db2becbd8fc3cd22f58a77f076ea41b3ee4baa74132n/a Quakbot
2023-05-16Fbmf.jsjs f4493d0672690c382a7b1583d277d8ef3fa236988a82a1c64981f34e6f97e8a4n/a Quakbot
2023-05-16Ouudz.jsjs 4b7bf522713c22ae3816f09473a9d613f50739e96fd10db83d4a2894750dbe8cn/a Quakbot
2023-05-16Yumnh.jsjs 55b1e351714703eb473604f6cffdfb4ae7c4928a3343ce1dcf6c57e783d1ccb3n/a Quakbot
2023-05-16Usbbysk.jsjs c8bd0291ed91665ac2d50dd9c481a7ec58e3af4f33fcaf8f609ae1a5d3659bd4n/a Quakbot