URLhaus Database

You are currently viewing the URLhaus database entry for https://heyheyitsme.com/aqut/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634906
URL: https://heyheyitsme.com/aqut/?1
URL Status: Offline
Host: heyheyitsme.com
Date added: 2023-05-16 21:56:07 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 21:57:25 UTC to abuse{at}hostgator[dot]com)
Takedown time: 1 day, 23 hours, 29 minutes (Poor; down since 2023-05-18 21:27:11 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
