URLhaus Database

You are currently viewing the URLhaus database entry for https://redepintadas.org.br/qu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2634600
URL:	https://redepintadas.org.br/qu/?1
URL Status:	Offline
Host:	redepintadas.org.br
Date added:	2023-05-16 19:13:13 UTC
Last online:	2023-05-18 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-16 19:14:17 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:	2 days, 3 hours, 37 minutes (down since 2023-05-18 22:52:08 UTC)
Tags:	BB28 geofenced js Qakbot qbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-18	Wlwtly.js	js	d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37a	23.73%
2023-05-18	Ydewzrsj.js	js	d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9f	22.03%
2023-05-18	Ftyjoo.js	js	d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182e	22.03%
2023-05-18	Vjupwap.js	js	1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0ee	22.03%
2023-05-18	Cnrs.js	js	04ffc642ec3d8109224f1a5dcbc09c0e3ebd697a6ce8314963b0ca3b480a1e1c	n/a
2023-05-18	Lphrvoh.js	js	0f8aac75339d21d38c89f545a30c35990759d0f0123017fad73ed0c8ce34b51c	27.12%
2023-05-18	Gbneb.js	js	56f98c1c97e1453ff995b3a13557d14600aba57f58f3537688826daeba157151	25.42%	Quakbot
2023-05-18	Cofz.js	js	0c7c96dd589f0bc1676f7af1371bc70cbf50d310293d070ff8e1fef3df4533f9	24.14%
2023-05-18	Ikbknns.js	js	356497f781814842756d631b841bd2962b7aba15e1e749956f57352ecf4e24bb	22.00%
2023-05-18	Vaut.js	js	19c40585627ffe423ed5f0a6da7706a51a4e068323d3f9cd2f54a01d45c02af1	n/a	Quakbot
2023-05-18	Vrdjv.js	js	b1c5cdb6f87ad0c3aacbf479218ede289571b85d30eb47defef749332b52c806	n/a
2023-05-18	Nrzlzt.js	js	59b0a76ebb16b7e92fd7040cce169d3cd207567b8293852c5bc0d44574f68077	n/a	Quakbot
2023-05-17	Onhubjki.js	js	2683122550edbc50a5df311f2d51a511e7f980332b26d307f6ed2babdab38325	21.82%
2023-05-17	Wjexv.js	js	3938ff8a3f26ca0c121f461afcbf7394844e31d1fb9e68757fd98de2a4b3238b	23.08%
2023-05-17	Mtbt.js	js	3833419abb83fe2369255a23b3fa983e65047ca005c0dee0d772efbdbf8ee75f	n/a	Quakbot
2023-05-17	Upnfj.js	js	e83bd9c4b21fcd0dac063c512259b7310762d0f7b923cba778206403e5314398	n/a	Quakbot
2023-05-17	Cablalpx.js	js	c56bdfe438e6261fa00e5e48e3e9896927886b959c2947db67582b4cf0f08e74	22.03%	Quakbot
2023-05-17	Jiub.js	js	928de378e1b8690de67deab709ed80da406ac542daf31e7c5859f02c0b9a4240	n/a	Quakbot
2023-05-17	Pkzubb.js	js	b76a46e9b0db483e342c390f25663222fee2e67cb7670205636c7ee748850b86	n/a	Quakbot
2023-05-17	Xjpyguai.js	js	31f4fd4a802684265cedddd3eed02ab478d1ba2e0f74cd59d9bb894d173f4600	n/a	Quakbot
2023-05-17	Khuwtu.js	js	0b170289100c039d38e8e0f7cbe02dbc34cb781662861ff49d630095a3716ece	n/a
2023-05-17	Hyco.js	js	4ec9df1ad130f24b694e8324ae5e72d6605cc1d1fbe37d88b432c20d3aa0e653	n/a
2023-05-17	Ltgqm.js	js	e5f382616c9b3819bd18460caa9597c68fc833550876b87777860167797c62eb	n/a	Quakbot
2023-05-17	Kuupzfe.js	js	6c5f82742359ecb650b658cfdb494cbc4c12634a7163989557d6c2ec7f78d6e2	n/a	Quakbot
2023-05-17	Jwaeuth.js	js	39c20db04a20d97d268da77aaec812fd8c2365b8ef051f2c3440fa9d7ab06dc0	n/a	Quakbot
2023-05-17	Hcuijfsz.js	js	53f33b1ce136fe2424604cbce0d366718c0ba7856618fd894de45693f100f9d2	n/a	Quakbot
2023-05-16	Aeao.js	js	8fdfbadd8c463dcefd9d5e28f860c0607ef54b06fd8ea427aadbe9c5b6c070b6	n/a
2023-05-16	Wqqeuj.js	js	d5f537d2a97350b987fa507d1f8e80223be961d6dffee8db9590cad44aec358c	n/a	Quakbot
2023-05-16	Xfvemm.js	js	a13a6b12a2c94a07c0fda179927fd9d7cc471d23769f5250e236fa30d5a54df8	n/a	Quakbot
2023-05-16	Tjaikinm.js	js	0bf6cb7f614f0dc76e9b7963b9edab4b8fc11c87147d28b3c0a2bf959942b19c	n/a