URLhaus Database

You are currently viewing the URLhaus database entry for https://countrywidecapitalgroup.com/ti/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634801
URL: https://countrywidecapitalgroup.com/ti/?1
URL Status:Offline
Host: countrywidecapitalgroup.com
Date added:2023-05-16 21:53:17 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 23:00:12 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:1 day, 22 hours, 0 minutes Poor (down since 2023-05-18 21:00:24 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Fjqbada.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Gmkftfz.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Ppembdt.jsjs 9e0b8e687a55104adba6e2b55e1219a8c07ac7248d07446ca0516b97e30ab418n/a 
2023-05-18Wygmnrd.jsjs 89ddd75a9d671f30070d8ed74468e507a72e5ca5699855296beb959dae2b71b3Virustotal results 11.86% Quakbot
2023-05-18Zexdrp.jsjs 67878c5898e4d6118aea2d8059896ec493c2cb1b7f3bdc563068504a0bca9373n/a Quakbot
2023-05-18Bvuh.jsjs d6cb8ae70d4f102ac987c9de47abc6d962e10fa9755d74ea54a68edb6173dad1n/a Quakbot
2023-05-18Mwtv.jsjs fab89deda2e8de1afcdf4d43b713652dab42ebcad6b4eddcd3b225188a7e3078n/a Quakbot
2023-05-18Yijknvs.jsjs 5ed6c54055399ee6ffdf3adfc06337fb1dfa9ee1a6c1766091b74c1ebe2ebda1Virustotal results 27.59% Quakbot
2023-05-18Bfirbn.jsjs 03cdab834b6a7165627af8e82df4d52dde740aa3481625a88ef76e122b7b2894n/a Quakbot
2023-05-18Txmjly.jsjs 6e988a313f3e3723e109adec17cbf1513010e50c972114a245ebf3ed743e84bdVirustotal results 24.14% Quakbot
2023-05-18Slmtv.jsjs f74f3f66b468e91f7060adfeff51f084fd09fb44b5d93a66ce1b2cccdd016bdcVirustotal results 25.42% Quakbot
2023-05-17Ctqvpgc.jsjs 6a23cf1558f0a3efb0abb0f298f9716be0446165e859f1116485a847cf57442eVirustotal results 32.20% Quakbot
2023-05-17Ukhbf.jsjs 80ab380263a5873a2a0e5bf0f6970a2c5a2f1bb6ced244bb881a685269c5d92cVirustotal results 15.25% Quakbot
2023-05-17Qbdyc.jsjs 32786105579d9ee90c2b3e3c5c1aa115af93c9931e8629901c02b41150fa1636Virustotal results 27.59% Quakbot
2023-05-17Slelq.jsjs 784d0c23a7299fe8f5a79ce4f83765cd48535cf1afc25d542a0f854f8049d149Virustotal results 27.12% 
2023-05-17Xqszoe.jsjs 1518f10a4a3e1bb0772544083dd21336675b9248d73c59f8dd75068406de1474Virustotal results 23.33% Quakbot
2023-05-17Lqommru.jsjs 8f29c702a43f99c1cfc18167ff61035ac4068757aba92e0eb5e9dde5ad72a0cdVirustotal results 31.03% Quakbot
2023-05-17Yzdi.jsjs 43a19d17453fa7c2633186d340c06a3b0b794b8cfe7e6ce0adf02f44713c5e25Virustotal results 23.21% Quakbot
2023-05-17Jnaqy.jsjs c1460321f81f5ddaf0e6965fdc14511326240b2d261c1e2c98e92f73eb1accd4n/a Quakbot
2023-05-17Aqthaxev.jsjs 72cf42d4219a880cae2342bf334d66b965cf16d3ef4e71af3da74af153cfbbd5n/a Quakbot
2023-05-17Wsslkgv.jsjs cd99723abd58a7d5a7d7e39284839ebbcf0bbf01a8a1b18f3257865c6996ddabn/a Quakbot
2023-05-17Sfww.jsjs 4d6386b2fe5c0e90d4972712c4972786611bfdd4014679e891c4ef3d55b3a8e5n/a Quakbot
2023-05-17Eltq.jsjs c5ccba0d0f755be335290adf1d64063a9eac3abf2e1504c68d8f1ce6d4a23563n/a Quakbot
2023-05-17Axelj.jsjs 843de5d343cb8c657ddd63a057a01a900783c993b613b1a30023ead28ae7a3c0n/a Quakbot
2023-05-17Zxvnsqcs.jsjs ba3768820b9e75923142f2eb57d7e55c8f4137ee49d857d25437770687903e2fn/a Quakbot
2023-05-17Upxelqlx.jsjs 0c82e05fbbc23c8f2db0f7ae0d84abf3002f0d26a918833af80630419ca4e375n/a Quakbot
2023-05-16Dyplaxic.jsjs 03b23a578240ef0751d223c5daa33e77be9344b6edd6be877cc3caabe0f43391n/a Quakbot