URLhaus Database

You are currently viewing the URLhaus database entry for https://playhave.com/sapt/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634609
URL: https://playhave.com/sapt/?1
URL Status:Offline
Host: playhave.com
Date added:2023-05-16 19:13:23 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:14:27 UTC to abuse{at}as45671[dot]net[dot]au)
Takedown time:2 days, 1 hours, 49 minutes Poor (down since 2023-05-18 21:03:37 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Vwzovf.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Yhsds.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Xyzw.jsjs 0d1baed7654ea1bbe3ccc69ee4bf6b98fd213480408b5f97c8296b0c3726ce38n/a 
2023-05-18Azgcyu.jsjs e6823880248255f28dad73af6553cfbae133b6df9f78eff124a379d793265ac2Virustotal results 27.12% Quakbot
2023-05-18Cqpxdr.jsjs e70a77365ffdf3f446781b46a826a0796adf73d479c783efd6763a7d83aec549n/a 
2023-05-18Fvkibja.jsjs e097747aa43ca0c5787d98ebdab3ab67fda12444d287a4a0702a670f0b2494d3Virustotal results 11.86% Quakbot
2023-05-18Nmgojipx.jsjs 29d88d7a73d988b2b2c5ddc76ac150742366a2a8c379758bf47f13c2fcf01346Virustotal results 27.12% Quakbot
2023-05-18Cijwe.jsjs 649828b67fb96d9addc5f4c9518dfd03c7eaef5dfe3afd081708297f2d160360Virustotal results 25.42% Quakbot
2023-05-18Hcle.jsjs c56be3ec9c7d01ede485ea9edabc332ef3aa01f6ab679c4eb6231e1db79db675Virustotal results 23.73% Quakbot
2023-05-18Llotwxar.jsjs 6325a36db9c4fb5af943871bce9ae9c80002f6d9379e71cd94bdefe0342b14f5Virustotal results 32.20% Quakbot
2023-05-18Bdavznkg.jsjs ef903a00f557175fbe1af9263796fbdaad81dc6578e948729821675219196f43n/a Quakbot
2023-05-18Omcibq.jsjs b3d737c721d3c5e7e58a28f076c7fc26e6ebaab2f08f52e645c645c0b8536210n/a Quakbot
2023-05-17Vfxosljn.jsjs 0473836cfc335949eae38f3049dd3932d818dc6cbbe8c178f72c74370912d088Virustotal results 28.81% Quakbot
2023-05-17Jtxuhth.jsjs 8a9af030d5759e428811a44e1582012c64fdef7059286c4c1693f13566e2d3b1n/a Quakbot
2023-05-17Xyxya.jsjs fb2bca8ce3aa4207fc636e9ebc34bb47cc0d9b6a233352bff3b6875b6bedce3dn/a Quakbot
2023-05-17Nnoxi.jsjs 44d23f66a1f4b2d201da3bd9764d30d67431194d1ffbbc0ee587ea63d892dee1n/a Quakbot
2023-05-17Amowkzxi.jsjs 1e96a7079b653386193018082948ee18ee1ca517dd96395eb46b4d5e30507b87n/a Quakbot
2023-05-17Ujhndn.jsjs 3833419abb83fe2369255a23b3fa983e65047ca005c0dee0d772efbdbf8ee75fn/a Quakbot
2023-05-17Snguuk.jsjs 5eecbea9208745932f291b3156e7036997e4b1e93f7bb53a270cae7c125aa079n/a Quakbot
2023-05-17Bnyrbpqu.jsjs f070473c2591118ddb7661ea58c25430636c7b6c777041b921f71ec67d2b102an/a Quakbot
2023-05-17Uoyymgbz.jsjs 0185f8addc3881b8c1d6819bb3dfd155908accbba996436abc6ff0085b9457ban/a Quakbot
2023-05-17Ajlbfatl.jsjs 76a8ef7424cbf81fbbaa2c958eb8d7f5cdfbd6a82ff7fc5ed3bbb1dea85cb6a0n/a Quakbot
2023-05-17Enqonwsf.jsjs ad3b3e6d7d65ec6fda7fe6a2266f73bd8904a49eb6eeecd125786dd0c3207c3an/a Quakbot
2023-05-17Ewgzd.jsjs eee2d51291b88107c71a9bb4d4c8d02cbf3c776a5fcd64bf1d87ea7f33ebed18n/a 
2023-05-17Hdoyqctw.jsjs 5f47c66b9a17d243181853eb845be9c8c27a6f3eff91b08607cbac11e19a043en/a Quakbot
2023-05-16Hyxz.jsjs 9c74dc73250fc268cc85fed2d8379ad0a59ea7a17c098a81c0c6f6152edd8d81n/a Quakbot
2023-05-16Ozmjahc.jsjs 3a8d5637dbef180ea53807ce688d38d12900f61b7e22e981ed32e5eb6cda4e84n/a Quakbot
2023-05-16Tcoyvmvt.jsjs ab37a9121e65d9021843008cb91b93996f6ee08adbda0c3a1f3391ca2cbdc181n/a Quakbot
2023-05-16Phyv.jsjs c8c36afcf289ee153875b49c8049d326605ab0b344d4b10dfac52bb87a37d068n/a Quakbot