URLhaus Database

You are currently viewing the URLhaus database entry for https://aliazam.design/xme/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634746
URL: https://aliazam.design/xme/?1
URL Status:Offline
Host: aliazam.design
Date added:2023-05-16 21:52:14 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:53:35 UTC to abuse{at}cloudflare[dot]com)
Takedown time:1 day, 23 hours, 35 minutes Poor (down since 2023-05-18 21:28:37 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Nrjcgqq.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Inzzfkw.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Oxpluu.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Hrulk.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Ngrjwwg.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4n/a
2023-05-18Ltah.jsjs 93be05e8c37282bca34649a25ba07962fb7da33e5799c01e05c15cc3b72589ecn/a Quakbot
2023-05-18Efrrhqtf.jsjs 4c15dba778afb1200f2c6d840c81c397c3fa416e7e47b19d01800000c0ce6f82n/a Quakbot
2023-05-18Bgmovkud.jsjs 78416fcca7554fb3cc440610418511210e0dc5abcebf75ace7c1ef65d4d29216Virustotal results 25.42% Quakbot
2023-05-18Cbbjwju.jsjs 5848de38e1e0698b0e24ebe9bf6c45ef062f0f7d7dd7444e4a32d6731d5802aeVirustotal results 33.90% Quakbot
2023-05-18Dmjxkc.jsjs 134b8da7c15c769cdda57799cf4c8b3e35b0937c9709e7c8e13783183ec10341n/a Quakbot
2023-05-18Yhgqq.jsjs 2a95cf3c1e69da726dd11f2d5621a546ce89b168fa1cab3506197a63de008d69Virustotal results 11.86% Quakbot
2023-05-18Mcuqq.jsjs 749721b74088db119de7bccbe5cea0c9486f42bb570461ff262c5ed324b4ca16n/a 
2023-05-18Dxpw.jsjs b4bbe3eb6f77c745b1c296728e15c69c6b766df2aa51d6d745ce4e5fee415e06n/a 
2023-05-17Tapcyrir.jsjs 4422126c61949a9848ddc759de968eb699c5364973a271dc9aac631121591d13Virustotal results 27.12% Quakbot
2023-05-17Lqkojabp.jsjs 2312d94387e675afd3db56f1fd5419a3a083bea7bc690341fa3d49d3e3f69f53Virustotal results 25.86% Quakbot
2023-05-17Yfgf.jsjs f4454d45458f3aaadcdfc328fc4107a6c670b1c0e04df1d476ca56e831b83818Virustotal results 27.12% Quakbot
2023-05-17Zjdfg.jsjs c56bdfe438e6261fa00e5e48e3e9896927886b959c2947db67582b4cf0f08e74Virustotal results 22.03% Quakbot
2023-05-17Bcyoi.jsjs ee8f7825f5b87fbdb90f5bc8eff0cfadc358c64cfca2dcb37acfd398d5b2f201n/a Quakbot
2023-05-17Weca.jsjs e0642fe2c08773c4f9cd1e58913df9c41ba972e034fb64016f0f078efca68bc7n/a Quakbot
2023-05-17Sufwhzn.jsjs 80fc6bc22b972a2f7976468afbf26152a90501570de0a295a92cc9b9c55b15ean/a Quakbot
2023-05-17Diso.jsjs a035b3fa3928b84d2508c250c5891872bf9605af2ca7385b86ac3d9a4104c190n/a Quakbot
2023-05-17Oxikjnv.jsjs 21d814b822973196022e98bb5121d359aba56b48a792e52c8dda3e34adfa695en/a 
2023-05-17Fgmsn.jsjs 67014133519ecd163adfbb03685cbd26272d6af9fa7ab2de419edaf53ba47160n/a Quakbot
2023-05-17Uvjob.jsjs 5079f87c63eff5360b737651a23fff37ddbb71238118d7e98c22967143e60369n/a Quakbot
2023-05-17Mzpbha.jsjs b5036024d2355e76d78f31ae2fe658b5039121b714acfb1b6598dcf7f536b39dn/a 
2023-05-17Aggves.jsjs f493f09e644786979f27ed04edeb22ffee1f8e470c42695b65998147d25a376cn/a Quakbot
2023-05-17Stwyo.jsjs 4cd6cee4084b1bf699dbde4c69f56e5df88f7e20a967a45481c8feb30f5ad05dn/a Quakbot
2023-05-16Vopiou.jsjs 64aecf68389c2b9c7c0b76612acd9476f7523d2fb6b7d7c5017f17a03ba07c39n/a Quakbot