URLhaus Database

You are currently viewing the URLhaus database entry for https://autovanilla.com/pra/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634742
URL: https://autovanilla.com/pra/?1
URL Status:Offline
Host: autovanilla.com
Date added:2023-05-16 21:52:14 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:53:29 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:1 day, 23 hours, 40 minutes Poor (down since 2023-05-18 21:34:10 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Kmbn.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Svhdx.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Jqlk.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Fgaq.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fn/a 
2023-05-18Amnpuh.jsjs 27f17e9ee4e8f78f3e02acac452da67130c961c7c0d07e9ac05fe68ed2f3c07an/a 
2023-05-18Etkqrzeu.jsjs 26e8f5245d3928df93af31946f3ff6dcf2291861ef4835e6b23e145cfcf9f8d5n/a 
2023-05-18Iyba.jsjs f74f3f66b468e91f7060adfeff51f084fd09fb44b5d93a66ce1b2cccdd016bdcVirustotal results 25.42% Quakbot
2023-05-18Puoyvuan.jsjs 981c8836ca3485400bc8fa7a73067986d2347ba02a058d61f1ee31be71d09a3cVirustotal results 25.42% Quakbot
2023-05-18Pkbvl.jsjs c6a62ee43c36edd934b0aecf8cca18487dbc8612228decd3f37357b043e4e85dVirustotal results 24.14% Quakbot
2023-05-18Hdkf.jsjs 905a894ac3b18458a8372c05faec1cd015ea3d7f3a5d248f87684a3062f2ca5fn/a Quakbot
2023-05-18Gbaqtcb.jsjs 611f39b0fe3d00c6bc886929f93aab5028192d0d7398bd8621b700c05e99dcc9Virustotal results 25.86% 
2023-05-18Nkmxxbnv.jsjs 2b2ddaf766a72a62c3247e520317d64f6b32231d8802b99b861cdbcd872a7ef0Virustotal results 27.12% Quakbot
2023-05-18Nzpkclg.jsjs 2eaa6ab373b017bafebcf7e8d12609c6c9958b230ee8d4a3e4f96294f5ea826dVirustotal results 32.20% 
2023-05-17Scrgtu.jsjs b4b9340a057e2f27555df973e95af7d75b991cadbf943c5f48de2cbda1e3edcdVirustotal results 29.31% Quakbot
2023-05-17Lkmhqpq.jsjs 4aa5d2a8e1f14eda407f7f6020bae48610ad7ecca61519bca8d513c840e454dfVirustotal results 24.56% Quakbot
2023-05-17Wscl.jsjs 9fc5c95367df0d42df001590faddb4edf2e71a19e7159cb210d5525553462459Virustotal results 15.25% Quakbot
2023-05-17Puvyv.jsjs f252bb947741e263a585e14d04e2ccd38b535351fa818233c9ab294b4b174275Virustotal results 27.59% Quakbot
2023-05-17Vvzdvkj.jsjs 50ea4195ce44fd0c177d6c8bca4b2a4f34676b3b8cbddaa734fe11cf5a265f01Virustotal results 24.14% Quakbot
2023-05-17Freulg.jsjs e2334bf18981148d6120cbe4ab94a09cd0bb833ae95e71955079aadd6cfc720dn/a Quakbot
2023-05-17Xblmlowg.jsjs 297aea95e62d09c96218bb4bced99218e69685fa46660026bd8b96cbe1a90943n/a Quakbot
2023-05-17Zwihgz.jsjs 91a87434964825b4dabedef12012cf2bd2750498d9ad6c30aa79bf03698a3803n/a 
2023-05-17Pftipl.jsjs 508ba5aa1b6263852116b737361d67da111d0166c6e52e62a3ce728e3f6567abn/a Quakbot
2023-05-17Pewcmkqh.jsjs 545a169cf8e9adf3de59b22507cfd6e3f90b9729323e9aaa1fc02f5430224af1n/a Quakbot
2023-05-17Pnfsn.jsjs ec3d40bfd700aa645c1421f3a508f7e1da8cde85fdddb2ed12f11aa44973c3f1n/a Quakbot
2023-05-17Tpamq.jsjs 521a4f813c570691e50d586838574ff85a32c314cbc2b57807f3ac92ef4f1035n/a Quakbot
2023-05-16Oqzfatx.jsjs 1fd763bab5eb46673520cdb4de2e7c7d73994b36bbcf78a7290c62e7a87ff610n/a Quakbot
2023-05-16Ijxervmd.jsjs 8eff5935c756dc4f44276ab49112118b404dc0f39679ef6d4a1d254cb0e53f6bn/a Quakbot