URLhaus Database

You are currently viewing the URLhaus database entry for https://charlestonunderpressure.com/ua/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634798
URL: https://charlestonunderpressure.com/ua/?1
URL Status:Offline
Host: charlestonunderpressure.com
Date added:2023-05-16 21:53:16 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:54:24 UTC to abuse{at}hostgator[dot]com)
Takedown time:1 day, 23 hours, 17 minutes Poor (down since 2023-05-18 21:11:28 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Qwyrptz.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Wbskqyab.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Ebdejll.jsjs d5f137cffd893802199dc0247b1f1922b4eb136d145bcc409161ae21c955993an/a 
2023-05-18Eprsgong.jsjs 112fb3f4fda57d58405f842081f111d4f583c40ece7f17fd6805832360da7072Virustotal results 28.07% Quakbot
2023-05-18Nhitbou.jsjs 5b903308829f5c7410c0e53ec748a05a9e2205f4400bf2941199cf2223c0e1f7n/a Quakbot
2023-05-18Yioga.jsjs 93bba231e08381a78fea4f6623a38ef11130273ca9bad59f5132b68797d90d23n/a Quakbot
2023-05-18Rkhztyxj.jsjs f6367e6003455bd5ec09ff23726731029805bd0357bc8cd5184dfe270962601cVirustotal results 32.08% Quakbot
2023-05-18Jimhlu.jsjs 9d55c860ce682edea5933b6e9e441703b00b9880087fafd62ecedabf0665836dVirustotal results 32.20% Quakbot
2023-05-18Eamzjekc.jsjs 0d025c1350cd713034b5b581118f5b7a71d0ba2551cc2321adbd286c8493fa25n/a Quakbot
2023-05-18Lpdfn.jsjs d1a92330c8f58a18b81d7ff1a9ea348b205fda7b106c31a2d1e09764a4557fa0n/a Quakbot
2023-05-17Pfbqffzc.jsjs d8227132d7300d02c5cf46a7c7c4ea76a6fcd10c516382dad0a8892266612025n/a Quakbot
2023-05-17Znlrex.jsjs 72c9727d22512473f4aa27d93e0c15ae33a95784d9804b057275d0d7d8b0a361Virustotal results 8.62% Quakbot
2023-05-17Fbwsy.jsjs b3455e378aa4106c5a643052bdcc324c67382149a5eb84a546fdc26f4b5f412en/a Quakbot
2023-05-17Pqynl.jsjs a4d5af2c7491cf9e8c6fc213f49572749af1f591ad0e453bfc3770dd17d884dfVirustotal results 17.24% Quakbot
2023-05-17Qzbtjoqb.jsjs 029b6f2d9cfb0a2a335c9b9377c1dac9e71206e55f6f82c7d3c0e2edceb9b734n/a 
2023-05-17Jgxwal.jsjs d4d054686a5e084363a71c69d138897e7b35fe3a4008cdd377ef2a2121799d11n/a Quakbot
2023-05-17Rbhim.jsjs c86c1628548128bb422565a52454842449b03b3feda538293f7adee9903ef848n/a Quakbot
2023-05-17Cnaso.jsjs 9ef2923ea7a8582260ed9f75b2e96a1cb4421ecb4a080cdb50bd5612ad3d3870n/a 
2023-05-17Thvvd.jsjs 1b5a18651c9ea7efde60c7faf6274f07430a94afb5ed7b6a77deb911065f0b7en/a Quakbot
2023-05-17Edipvm.jsjs 36b273e4bb1bd9c84308d301d8899a3474c1018deaf255ba01165fe3456673a4n/a 
2023-05-17Lnscxdf.jsjs 81ccd2f6d733681c04dbe2e3e37b6ca08165103cd9074ca76a2c7c9ccc5e0f85n/a 
2023-05-17Tgasver.jsjs 95e75869411e11803dc5cf2f284765acf849205b01994bf7e19b076a32c56ed5n/a Quakbot
2023-05-17Xpqlntde.jsjs 5c7f876d804ef67a1c04cf2e6d1f9d616ecf71a7fc4cd11f8c3740c17aff315cn/a 
2023-05-16Rcgpd.jsjs 4243a152d65367538b727f630cee102acf4563a1ee7488af88cbe43d5fdbd59cn/a Quakbot