URLhaus Database

You are currently viewing the URLhaus database entry for https://manubirdinglodge.com/md/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634974
URL: https://manubirdinglodge.com/md/?1
URL Status:Offline
Host: manubirdinglodge.com
Date added:2023-05-16 21:58:06 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:59:18 UTC to abuse{at}bluehost[dot]com)
Takedown time:1 day, 23 hours, 3 minutes Poor (down since 2023-05-18 21:03:03 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Xsrrlnr.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Dastkt.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Qybbp.jsjs b506350897a824484b893d2bba312f8091478e5825643d2a2c820ca83480a1een/a 
2023-05-18Uvjjso.jsjs 6a36fcdbced70acfd047d3132e249ef81960cf97f62f9e391e672db0ecd19f13Virustotal results 27.59% Quakbot
2023-05-18Kbhlb.jsjs b267e2261f79527d447d6a639751fcabcf68f9640e62a3c3106b4f750cb07b66Virustotal results 32.76% Quakbot
2023-05-18Hxfmylcw.jsjs a957652292b9f2b69f858cd1f3221d9c4ae8b165a295b91459fd2bf2eedce715Virustotal results 25.86% Quakbot
2023-05-18Enxrnomj.jsjs 7f1024ee7a57ad586eb6a36dbb25ba4f7e78cbd55b3c87d5209716b7628bc53cVirustotal results 28.81% Quakbot
2023-05-18Tgihgy.jsjs 7d4c05f2b21fe02c34ffc3bc7077929482fa7cdbc01c894e2647cf6e38ab20bbn/a Quakbot
2023-05-18Gztra.jsjs 36032c143a4485946e82aa6aab03ac420e5589d6c74224bd71b3b6bc62b6dfecVirustotal results 27.12% 
2023-05-18Yrop.jsjs 64dff88a0434f88beb3fac1ad7fb2945b374f90e6ee2ee7322665681b945e790Virustotal results 30.51% Quakbot
2023-05-17Ylrwkfig.jsjs 0af9a445f31e51c20a58fad5f35d353da59c49e684bf1db02c436c4d7f7f18a6Virustotal results 27.59% Quakbot
2023-05-17Kwlgocn.jsjs 5fe1ce92222b0ef2d0fe599c26907689fbeb05acb3c14dcc9cd468d2db479a26n/a Quakbot
2023-05-17Xulevmrd.jsjs 5b081d8987954ca182f1f9c83eb5c24851ef6647e29f84c5fde150d826531e53n/a 
2023-05-17Pjggxyqz.jsjs c6712a15900f7986ac9ad350dec34f50284b50e708bdeb42e320d99659f8d46fn/a Quakbot
2023-05-17Kcen.jsjs 6da4a8bacb02c6d1b3251c5978545168c0712fb14b5ec2731a867b73a3daeacan/a Quakbot
2023-05-17Pvoby.jsjs e50886cba40b1a43e2a678f24566fd07c951a78a554670ec3b2f25a3866d0d57n/a Quakbot
2023-05-17Xvxbl.jsjs 3f5e5c65bd5814cdaf300e4fff7de23851e1c5fcc764d920ba42761515bc506an/a Quakbot
2023-05-17Hqnctwhp.jsjs f179dd48d26da146fad9084ac3bbb7f0b205fe2beb16847ca18cbcea384f7428n/a 
2023-05-17Hwtlepn.jsjs 990bfc2a6d8a3eed41630f3fe4a43e09a04848177fe54f8bc00915cc74ca2dbbn/a Quakbot
2023-05-17Laltpz.jsjs 580bc88df680a07cd42577ebda91818e23b061ed5ba3bcf18159381bb4cdae98n/a Quakbot
2023-05-17Jklw.jsjs da43d0165f6fc0bf5fed7055dccc7309101ec44b5556bb412f2df5c5895968bbn/a Quakbot
2023-05-17Qoqzvwew.jsjs 963e78f95842d7893206e6d06d52d6af8c75b4037f56562afe71ee1e54435df3n/a Quakbot
2023-05-17Yzqjvtc.jsjs bba51192fc44f0da9293f16a286a8089101bfc111060559449edf58b2c46f8cfn/a Quakbot
2023-05-17Cpfhanz.jsjs 80b59ea44fe0b20e338b578433ec4a4e975cd271890d96e779f50518f479cbc8n/a Quakbot
2023-05-16Ilry.jsjs 44328f70649c8496e2b9c83305aa82e47dc9384307796e2a85c39af6999bea8fn/a Quakbot
2023-05-16Gafypvv.jsjs d3acd209aba60e92da106dbc6bf19bfd1124d2b5e1731ea185edfc10835d0ca4n/a Quakbot