URLhaus Database

You are currently viewing the URLhaus database entry for https://infoslotmedan.com/ifc/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2634919
URL: https://infoslotmedan.com/ifc/?1
URL Status: Offline
Host: infoslotmedan.com
Date added: 2023-05-16 21:56:10 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-18 16:17:09 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 1 day, 23 hours, 20 minutes, Poor (down since 2023-05-18 21:18:30 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
