URLhaus Database

You are currently viewing the URLhaus database entry for https://canalcosmetico.com/pl/?1, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634785
URL: https://canalcosmetico.com/pl/?1
URL Status: Offline
Host: canalcosmetico.com
Date added: 2023-05-16 21:53:16 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 21:54:16 UTC to eig-abuse{at}endurance[dot]com)
Takedown time: 1 day, 23 hours, 23 minutes (Poor; down since 2023-05-18 21:17:40 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
