URLhaus Database

You are currently viewing the URLhaus database entry for https://abovemediamarketing.com/tn/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634721
URL: https://abovemediamarketing.com/tn/?1
URL Status:Offline
Host: abovemediamarketing.com
Date added:2023-05-16 21:51:12 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:52:13 UTC to abuse{at}bluehost[dot]com)
Takedown time:2 days, 0 hours, 54 minutes Poor (down since 2023-05-18 22:47:06 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Wmpv.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Fdatykl.jsjs 5ad154136a4ddb99ee867ed74c82d3ea71eb2a08d575ac535779d39876d7682en/a 
2023-05-18Ppokdbv.jsjs dcb4d36d51f163518e7ef97ffd77d55e49a72dc3b351a6e4051187b5361ecf7fn/a Quakbot
2023-05-18Lqssaoms.jsjs f95ae26c9bf7ecb6970afb88bfa12c71eafd8b35160d2c1658e57d36ea915477Virustotal results 29.31% Quakbot
2023-05-18Cbperaa.jsjs c6a62ee43c36edd934b0aecf8cca18487dbc8612228decd3f37357b043e4e85dVirustotal results 24.14% Quakbot
2023-05-18Rblvmawc.jsjs 321c1a3f14a23d2a9aa660e3c3d41d7c92fbba4788fc20057ac697e402248405n/a Quakbot
2023-05-18Gdgzua.jsjs 2643a0ad4d4922d9f4428188cfe85112015c48ec78826051b8fc118affc60fa4Virustotal results 30.51% 
2023-05-18Tnnxbil.jsjs ca0444007c6c56cf207e9de8f069644d774953d9bc532784f55d5deebc62acbfVirustotal results 26.67% Quakbot
2023-05-18Lzzn.jsjs c7f9d6c56a28ecc44744a1c617778af39179d5869bca0ccd518016eae401078en/a Quakbot
2023-05-17Urojk.jsjs cee11dd3e06833ff80c75ab19feaefb05e62b347d9ed97e9ecb8f4ac5a889f95n/a Quakbot
2023-05-17Xawfuz.jsjs 7237114103b60a76ef6a67916d0d6fc1e14dc707087bd27684d1093748393f39n/a Quakbot
2023-05-17Charudoj.jsjs 7fc4905fb7d4a1e1c931e869fdfaabceabbdbf242ca9e35ff7178f74e6f7b207Virustotal results 25.42% Quakbot
2023-05-17Ipytx.jsjs 3a2fe931e43de04dd026f5fa57590b2baf3539c2930e6d9239ec3a95a1ec6bd7n/a Quakbot
2023-05-17Obmdt.jsjs d188bb106c47296a6f358dc69226ce3c9b48abe1399e7cf924fc4afa813b1505n/a 
2023-05-17Lipjzl.jsjs a8eb045b2d1d87810f357449c7dedb298f451b8c9954a4f844965479bbe1f9c2n/a 
2023-05-17Wpwq.jsjs a1fb3e4775d560254c0f1407f7520aa79f395f40bb42c18bac38762f3a51a29fn/a Quakbot
2023-05-17Iapfc.jsjs e00ce42e66d56f992f2bcbdc4b71a351e6913c022d99146e4d2573bf0102b813n/a Quakbot
2023-05-17Ckdnnc.jsjs befb70b06fd08a31f10912826e35cc93a9ad0f5c35efdb52b5f2535aafdc74acn/a Quakbot
2023-05-16Xpnwvykf.jsjs 0ab5de3951aa7b667b9469e9e8104e12d30944f90de04a4c2caa2bb2639ed1aan/a Quakbot