URLhaus Database

You are currently viewing the URLhaus database entry for https://marcusavila.com/it/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634978
URL: https://marcusavila.com/it/?1
URL Status:Offline
Host: marcusavila.com
Date added:2023-05-16 21:58:07 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:59:33 UTC to abuse{at}cloudflare[dot]com)
Takedown time:1 day, 23 hours, 9 minutes Poor (down since 2023-05-18 21:09:24 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Oohvgpit.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Ifrklw.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Lqzlevne.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Uizpiw.jsjs aaa6397c3b5c5cbd1cab295f5a1309ebf8461828123df6a8c037d0cd3ace880fn/a 
2023-05-18Vmoqt.jsjs 3833419abb83fe2369255a23b3fa983e65047ca005c0dee0d772efbdbf8ee75fn/a Quakbot
2023-05-18Jcqe.jsjs 1ef243d363359aa7c5d8ab0a55ffa52a9302f63a3750df5b8408c99641bb9ab9Virustotal results 27.12% Quakbot
2023-05-18Qtvc.jsjs 0f84fb63f382f7d5fa07382924a980e68a9af465c630f026b8dbfeb5a804c7ffVirustotal results 29.82% Quakbot
2023-05-18Ltzaxlt.jsjs d4d054686a5e084363a71c69d138897e7b35fe3a4008cdd377ef2a2121799d11n/a Quakbot
2023-05-18Wkncoo.jsjs fc9e138d576712bb870d465c8c9568c010f3081a0cee5918a906d5f82a1dfa57Virustotal results 16.22% Quakbot
2023-05-18Lirj.jsjs e0a76560e4dfa1a02a0ed9070737950e644f0b851388f7a580a8c384ba1ae3aaVirustotal results 28.81% 
2023-05-18Yltkuj.jsjs 5b903308829f5c7410c0e53ec748a05a9e2205f4400bf2941199cf2223c0e1f7n/a Quakbot
2023-05-18Gtuzniz.jsjs 714d6297effa9020249e19940853d50dcb2ba31d5301a716f34ddf73f9a58bf1Virustotal results 28.81% Quakbot
2023-05-17Sxasynu.jsjs 64dff88a0434f88beb3fac1ad7fb2945b374f90e6ee2ee7322665681b945e790Virustotal results 30.51% Quakbot
2023-05-17Mqcnmpa.jsjs 23fb378ba68beb5c6b1281c46215b56754ce9f89836c50f35b59615c2f79b455Virustotal results 25.42% Quakbot
2023-05-17Lyest.jsjs d307232640d2944029109ca441be49052d7c8d24590a54096c256c48e4d7da1an/a Quakbot
2023-05-17Rdzfry.jsjs 9024a49a844d092fb509a2d8e48a42cd4209b347497199616d579fa84a136fc5Virustotal results 25.00% Quakbot
2023-05-17Gjne.jsjs 3a16d7765c95e4f1c085fb18814d67ba3d65e6bf93e38d064ef74c1f9d15ac83n/a Quakbot
2023-05-17Blzmnzve.jsjs 559259d8417125f8b762aadbb8a48b34058c7ee430dbe672ad8c7bc3fb919103n/a Quakbot
2023-05-17Yjjnakn.jsjs 0d025c1350cd713034b5b581118f5b7a71d0ba2551cc2321adbd286c8493fa25n/a Quakbot
2023-05-17Pdjn.jsjs 56e1630e4d5a2e6b1c2e4e5494d4f0934129788140e2bb2894da4d50c48ece66n/a Quakbot
2023-05-17Fvyrtzpi.jsjs 9623a924d569da48816c787020b935e694233138b0a191e071b22ef04faf948cn/a Quakbot
2023-05-17Upzomrk.jsjs 1b39a01038b200010613a0428273625a89d9644be8a502d8ae9ac4ff7a5b219fn/a Quakbot
2023-05-17Yxtgjecq.jsjs 5f3260908ceb9baf368257eb06e0903f989f93abeb1061b00bead6b95e751cd1n/a Quakbot
2023-05-17Uiah.jsjs fa401c94e1c0c24669ee9264e690623d156fb01c44619a53085bca3a57ba1ec6n/a Quakbot
2023-05-17Itszhfza.jsjs 6efc0b90a11934a109182c0df76eae8106c300dae1c12eb7540de77b36af8881n/a Quakbot
2023-05-17Nvqi.jsjs 70071982509b7736b0280647f3cc1aecbf118d9cea16847b7dce3a1bd0eb8f6dn/a Quakbot
2023-05-16Aohy.jsjs 6d77e158f4c2e9583a6200c883e39d22831c898057f608a913bbf5fb8374112en/a Quakbot
2023-05-16Solior.jsjs 22e3843c9bb6730ee05faa06c01afec669e171150a9f112e465c2c56dee94429n/a Quakbot