URLhaus Database

You are currently viewing the URLhaus database entry for https://canalcosmetico.com/md/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634787
URL: https://canalcosmetico.com/md/?1
URL Status: Offline
Host: canalcosmetico.com
Date added: 2023-05-16 21:53:16 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 21:54:16 UTC to eig-abuse{at}endurance[dot]com)
Takedown time: 1 day, 23 hours, 34 minutes (Poor; down since 2023-05-18 21:28:30 UTC)
Tags: BB28, geofenced, GuLoader, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
