URLhaus Database

You are currently viewing the URLhaus database entry for https://mzkhero.com/iroe/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634582
URL: https://mzkhero.com/iroe/?1
URL Status: Offline
Host: mzkhero.com
Date added: 2023-05-16 19:12:23 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 19:13:28 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 2 days, 3 hours, 30 minutes (Poor; down since 2023-05-18 22:44:25 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
