URLhaus Database

You are currently viewing the URLhaus database entry for https://karvanalkhasais.com/edu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634943
URL: https://karvanalkhasais.com/edu/?1
URL Status:Offline
Host: karvanalkhasais.com
Date added:2023-05-16 21:57:07 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:57:56 UTC to ocloud{at}stablepoint[dot]com)
Takedown time:1 day, 23 hours, 11 minutes Poor (down since 2023-05-18 21:09:22 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Jguwrj.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Nqqu.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Tppjmen.jsjs f6eab20312b4e8f7aa1444139c874202c5abfab308a3d8f2df08829f22c7e9f7n/a 
2023-05-18Erxmmu.jsjs 17c3055ce856c6ee8bbfdfa36ea81dedf3d495e3aa418145fea73358747d4cd0Virustotal results 25.86% 
2023-05-18Msdgny.jsjs a6974773e37cbd56791b75effa167213997aeaaa65d704bd1de8aac6d9dd42ceVirustotal results 30.51% Quakbot
2023-05-18Asof.jsjs 20bd75aa446aa0b87c0d7042cd6119cf26dee2dedc5fe401477ada73a6c84e1eVirustotal results 22.81% Quakbot
2023-05-18Sfus.jsjs 07903a989b7e8631bdf7709c9f662e13388037ed84e2a225ce9707ff6d5679a7n/a Quakbot
2023-05-18Czlf.jsjs 0eb9fa07ffbdae465ca7afa7b68b6b38311315046844cd6ac97c9e3b77d5fe99n/a Quakbot
2023-05-18Ngyxich.jsjs c3e99de4200fa77aa025ca9c3691f352cd668d0a77b4f467305f66cb4f933618Virustotal results 16.95% Quakbot
2023-05-18Hprlop.jsjs c82de2729716408ddf8dadbc7c96d591774e13040bd782c4b2f6f56ee2b039d5Virustotal results 30.51% Quakbot
2023-05-18Yaifno.jsjs 7f4b255930c48f8c5845c7ee4b70176ed27fac14ad26798578fbdaf327bc1157n/a Quakbot
2023-05-17Bxaxcpq.jsjs 7c13bc2d2d42fdea47cb32e74e359fa9939073a81098e801e04a6daaee5e9ff3n/a Quakbot
2023-05-17Nbxk.jsjs 53b3144d6c4d4163d5317d32d6bfcc11069a721edc167234c3599a6e2aae5274Virustotal results 25.42% Quakbot
2023-05-17Augew.jsjs 0204463c040334db593942c0e48063d6f6df33cbfba1fdbf8bfe51aa0bf83372Virustotal results 27.59% Quakbot
2023-05-17Qmtuj.jsjs a3b99e8c39ad9b207f02de2422a94864986aae304adc635dc0cda1b27ac9e322n/a 
2023-05-17Yynygjjk.jsjs 91bf97c2e5d25bf79ff22ef99cccd3bdb7aab412d34521e172610b16562203d8n/a Quakbot
2023-05-17Zsdsgum.jsjs fb2bca8ce3aa4207fc636e9ebc34bb47cc0d9b6a233352bff3b6875b6bedce3dn/a Quakbot
2023-05-17Lfuqd.jsjs 77a97bbae92dc7a7845ded72bd28a849a3c41c2912628816d93ff4b9a27ed45fVirustotal results 32.20% Quakbot
2023-05-17Jbocp.jsjs 0a976cddfcc0bc1b5776cc8cce0d9d1c9fbddfee4017434169358a45936d3ab5Virustotal results 27.12% Quakbot
2023-05-17Btim.jsjs 29d88d7a73d988b2b2c5ddc76ac150742366a2a8c379758bf47f13c2fcf01346n/a Quakbot
2023-05-17Fhnlgiqj.jsjs 4633db34262f184b07f3dda2573599ff37c537f204a16992bc9d96d12fda0dd7n/a Quakbot
2023-05-17Ehak.jsjs 56c8f0d638f1e739888e036b3824317be2191417e764c65cd8a25b0cf2d02d28n/a Quakbot
2023-05-17Niuxecog.jsjs b03a776c0b61b004631c2c76a4257ad12b456b73d88021a9e2e6de14d927a9e7n/a Quakbot
2023-05-17Plyyniba.jsjs 4676949d758399b6e7cd5a711cb6ed65e3d2246de3981b7edfa71d117603c0b9n/a Quakbot
2023-05-17Iaydrud.jsjs f951afa07fb8008a8bfe7770059580ddd74579bce91b14a8410b4417b7cd8e04n/a Quakbot
2023-05-16Kbioo.jsjs 78ff19e36de99824386eb0055110f4fbce4908cf5c5774f23bde0981f516eb07n/a Quakbot
2023-05-16Dxgeb.jsjs 4536176750d5b4508a78e8863814ff1264fef64f7af8f109490e6b6039d88684n/a Quakbot