URLhaus Database

You are currently viewing the URLhaus database entry for https://doctorab.org/oenm/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634833
URL: https://doctorab.org/oenm/?1
URL Status: Offline
Host: doctorab.org
Date added: 2023-05-16 21:54:13 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 21:55:28 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 2 days, 0 hours, 38 minutes (Poor; down since 2023-05-18 22:33:37 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
