URLhaus Database

You are currently viewing the URLhaus database entry for https://colorcaribbeanbeauties.com/ppto/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634802
URL: https://colorcaribbeanbeauties.com/ppto/?1
URL Status: Offline
Host: colorcaribbeanbeauties.com
Date added: 2023-05-16 21:53:18 UTC
Last online: 2023-05-18 20:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 21:54:26 UTC to abuse{at}bluehost[dot]com)
Takedown time: 1 day, 22 hours, 38 minutes, Poor (down since 2023-05-18 20:32:59 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
