URLhaus Database

You are currently viewing the URLhaus database entry for https://zhgarments.com/mii/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634650
URL: https://zhgarments.com/mii/?1
URL Status: Offline
Host: zhgarments.com
Date added: 2023-05-16 19:15:16 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 19:16:07 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 2 days, 2 hours, 1 minute (Poor; down since 2023-05-18 21:17:15 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
