URLhaus Database

You are currently viewing the URLhaus database entry for https://batamtrading.com/mqr/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634735
URL: https://batamtrading.com/mqr/?1
URL Status:Offline
Host: batamtrading.com
Date added:2023-05-16 21:52:13 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:53:22 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:1 day, 23 hours, 7 minutes Poor (down since 2023-05-18 21:00:57 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Msbn.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Unyv.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Solblc.jsjs feeab1be03008c309abd238cfcf4a099ee01537c3231d9e23f3de06b51db482cn/a 
2023-05-18Ernsvya.jsjs 7217ae2adc382459d109d0ca1135074318d85578de92f3c231dd520402b6d647Virustotal results 27.12% Quakbot
2023-05-18Qrwlygwm.jsjs 2a38d5dd759f5e13e433429b8fbed42e9b1fa7de9f671bf87d0739862847c16aVirustotal results 26.67%Quakbot
2023-05-18Rnelqh.jsjs f91b22ef75c62115177abfa54ffc898319098f3de31ddf0b2a964dae96c3b376n/a Quakbot
2023-05-18Okahzuv.jsjs dff43d93176f7f0b50d2b960680eb78be307c219d3a2f9b42d969390818a467fn/a GuLoader
2023-05-18Kpakunbh.jsjs 1187259a79f3d0fa43b025751bffb4506d955db2a1072f8e61e3707c5250edadn/a 
2023-05-18Hxnwctd.jsjs 13c75bb7b88d3903fbb5263103d8e12f736ce24e98fc6397eb0286451317c087Virustotal results 27.12% Quakbot
2023-05-18Qpwwnegz.jsjs 245d8b4566da1f99cc5bba4998955421b38764ee0718c94a6fe8019674ccfcd1Virustotal results 27.12% Quakbot
2023-05-18Ieawtf.jsjs 962531faf5a4bccd1d88868db9f0b5a79c3073f110ae5e4b9f61d7ea15f8b855n/a Quakbot
2023-05-17Ezhfvae.jsjs e4a27492752db4f16d33fd2962a507bbf88d2a2714ae618f3dfa598bdb44db2an/a Quakbot
2023-05-17Xnaxlfzp.jsjs 17ee5a686914f6713574da4e30d7902af9bdfc03eb0173e1143cc97a4fa37b75Virustotal results 22.81% Quakbot
2023-05-17Xbujkfcx.jsjs 7524d906b4d42ae7fd1e5e15cb503e8b54fdc1afa702a0b4e4c5f1d6f99edd1bVirustotal results 30.51% Quakbot
2023-05-17Gftepjdn.jsjs 8c854caf958691cbcce8d6a84edd87a8ead04c306a6a625c058d479d3b472059n/a Quakbot
2023-05-17Ksqik.jsjs 8772156f90eaf1afea7ef8aede91a10a14f6ab0bbfc0cb8629917994af09f843n/a Quakbot
2023-05-17Rfxvqan.jsjs a0220d487566d1243b11c30ea5d37349418d84e8f6eb6013e0792aa4b11236c6n/a Quakbot
2023-05-17Amibebow.jsjs 56f98c1c97e1453ff995b3a13557d14600aba57f58f3537688826daeba157151n/a Quakbot
2023-05-17Ysvzsmte.jsjs 902451f45335d5eb34e5b6b86524a2b92100f8cfa931496eba9566f045b5847an/a Quakbot
2023-05-17Utjzjlu.jsjs 3f4cf18f2442a1a1ce320c45029efd18879ff753671dbf56184aedc5f396986fn/a Quakbot
2023-05-17Behunk.jsjs c9b0eddf0c0d65ad80bca166fec6337a42e1580f4ee719a90f8f31a69909b383n/a Quakbot
2023-05-17Sxrbedt.jsjs c963d3d940818daf72e50e7d62a1221e48cf622e4dbfc295e747a41437a18878n/a Quakbot
2023-05-17Ekva.jsjs d41680dbcdc8c643a3ac78bf5a86c227dfb35a054cf4f49b8f50fa0f5428b599n/a Quakbot
2023-05-17Wtklvl.jsjs 28a591153c5ab4230f0c31a3795cbe6e305d88ee51f92b6ef5a98c3ac09dc161n/a Quakbot
2023-05-17Zhgpoj.jsjs 0c05b6b4231353efe0cba7ce32a6acdf2fe73fc972b8e2df747d5cb756b141dcn/a Quakbot
2023-05-17Trsm.jsjs 1de0914780436845811959731638ad5438026111a7842db7ae4f757dd2a21100n/a Quakbot
2023-05-16Parl.jsjs 9efbed685ed84d265f8bdc9c6c7f10ea93de189d677253e559ddce2516e27641n/a Quakbot