URLhaus Database

You are currently viewing the URLhaus database entry for https://petraacademy.org/reia/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634596
URL: https://petraacademy.org/reia/?1
URL Status:Offline
Host: petraacademy.org
Date added:2023-05-16 19:13:12 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:14:15 UTC to abuse{at}colocrossing[dot]com)
Takedown time:2 days, 1 hours, 50 minutes Poor (down since 2023-05-18 21:04:55 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Uzhauncf.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 24.56% 
2023-05-18Rtgqazv.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Jhypu.jsjs 40aebb4daef0554f893886e140fe4cfb5dcdacec7fe8bcf7b6ebdfe08f7e9361n/a 
2023-05-18Cnca.jsjs 1a6bded230cdd64243a37dd3ca94385ac9f1c4794e054250311bd99f2564c83eVirustotal results 25.42% Quakbot
2023-05-18Socnyjjl.jsjs e3086e125c0def5547c4247942eaf8cdeb0e4e581562f9cef5e20b6978761c61Virustotal results 32.76% Quakbot
2023-05-18Fgwfoz.jsjs 749721b74088db119de7bccbe5cea0c9486f42bb570461ff262c5ed324b4ca16n/a 
2023-05-18Oafrmo.jsjs 3fe82998dbbd1b56d6f2bf670fec8d276ac794d97facd50002a2cae0c1f41b02n/a Quakbot
2023-05-18Xcqnford.jsjs 16c00ed1c4eea2fca24d5ac64106a0261dfc36eb8ff64471f024d0f95efd140an/a Quakbot
2023-05-18Aijkieyy.jsjs 906e50a48250213ff6fa64b72219e204e4f47e919757a5b1214a5e7682a44da1n/a 
2023-05-18Qblo.jsjs 39ac88782d43b40c56cd7245203211f747e986908f13072c8d6d6caede0ef79eVirustotal results 30.51% 
2023-05-18Djnub.jsjs 9aa3958dd376fcd792957165b53999bc05bdb411a0ea61e30b7787e1a7cdfbf0n/a Quakbot
2023-05-17Jbtr.jsjs 55ba4dfbf0eeacaace5287a51196c8d2e3c7ae79a65fd07a27fd6024ca40bc13Virustotal results 16.95% Quakbot
2023-05-17Rtyyrxi.jsjs 1518f10a4a3e1bb0772544083dd21336675b9248d73c59f8dd75068406de1474Virustotal results 23.33% Quakbot
2023-05-17Cvtrh.jsjs 1126eb773737ce63bcc031813a3893e30dcc5b6a0f018496a3e0106fdf1783d5n/a Quakbot
2023-05-17Frcq.jsjs f37d3c915b896922eed07327ecc8b944fcab1445d20c02c26c5aab8d91473b45Virustotal results 25.86%Quakbot
2023-05-17Qsew.jsjs 0727eef30bd3d52541c3e05de818415c77f77ce68db06ea425431972136cf8c7Virustotal results 32.20% Quakbot
2023-05-17Kffpjxiz.jsjs e82f04f537f593c6f5469d18db6332febdcd169b2dc920ed7619f9edab951f03Virustotal results 29.31% Quakbot
2023-05-17Pjcnmvkw.jsjs 9be436ae8d8612af572358c0394b27e9c751e6f50b2597c2b7ae636e99088255Virustotal results 28.81% 
2023-05-17Fgqmf.jsjs 561eeabd5f230ff8d733b3aa53f761558b65f54ba6d32241bf0350b4e136b808n/a 
2023-05-17Hcayrcqt.jsjs 413d25cabd4ec0dad3bde8ab94e899db1410199f71bf3a50225c8e0660a63911n/a Quakbot
2023-05-17Jtgpovv.jsjs 0d1af62d8f07b5046592c8d40e81cea15de5335623b1ff2bbde90e0052fbc01cn/a Quakbot
2023-05-17Xdrv.jsjs b6908440c42d4d91e692bba011e58c7e0a3dd111d9ad453036a33f314c19ccf1n/a Quakbot
2023-05-17Ijlmqheb.jsjs be58ec6da4da22e299c501de230cdd7d912d84c06ff558b47ddc5078305de268n/a Quakbot
2023-05-17Desrfcm.jsjs b9eabc9870c7ac3b103e2b01eab3b26999d539d11e00ee90b20857e482272016n/a 
2023-05-16Rxmi.jsjs 618f4f9eed00c0f13111a89f940678e03c94024e42388d696df9772eb7030aeen/a Quakbot
2023-05-16Kbcxn.jsjs e3b4c856b5c621e16b0e5d4169ab7d683223fbcecf43816296e136a37b8fa125n/a 
2023-05-16Uwdoa.jsjs 2eb09be99d20bcdf4765b8bad5171095103f63d77a0a308c6d078a735795bca4n/a Quakbot
2023-05-16Lrqz.jsjs 211ed0177632874340fc5013b44b5d41a5002c034e34d933856cf87c66f07fa1n/a