URLhaus Database

You are currently viewing the URLhaus database entry for https://oscarmontezuma.com/fr/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634985
URL: https://oscarmontezuma.com/fr/?1
URL Status:Offline
Host: oscarmontezuma.com
Date added:2023-05-16 21:58:09 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:59:12 UTC to equipo{at}brutalsys[dot]com)
Takedown time:1 day, 23 hours, 2 minutes Poor (down since 2023-05-18 21:01:36 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Dbapyvpb.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Memhnbk.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Steas.jsjs f36cd5d546571a052082d15f6ebb624b8c95d80a39caa08af6596b394f6c4617n/a 
2023-05-18Woazyt.jsjs b3b212df7bb0cd8b1bedeead78a593031af0a490cc4b880a9ad06b0f1c5275bbn/a 
2023-05-18Ixbvk.jsjs 9b45c4614db7627fee14ec88aef1faf7e97115a9755ad170998bf331df8c2b0dVirustotal results 27.12% Quakbot
2023-05-18Fkkhloi.jsjs 8cb9812b4c0409176b2f0770497520692218130496cf0a2a363b4606ce28f506n/a Quakbot
2023-05-18Dproyy.jsjs af020f4121ed33dba057c101c7d8fb714a2c96c883601c63acf7dc505818a5a6Virustotal results 27.12% Quakbot
2023-05-18Ezpz.jsjs dd49f4bd134e3d669ea1daeb866bffdb27dd69e46b07dfc3b04758e718b40700n/a Quakbot
2023-05-18Mdtwbuza.jsjs ca9502bdc52560b18884b4483fd8adca417142d736bc92b2039511c11483e4f0n/a 
2023-05-18Qrtzkbir.jsjs 3bc2c76bd30c4f67c56425ecd3201a7bd43655778be5fee4b7a2f72478c57d5fVirustotal results 26.67% Quakbot
2023-05-18Qxnkixv.jsjs 3302a636901e95a2eb9b66a8fdda7e3cf8997cec8749d879da126651b259557cVirustotal results 26.00% Quakbot
2023-05-17Kuim.jsjs 26a9ccdd2cb5bd68aea8b06532a4945f8f6585f5ee8e03fd64c7dd7ba9bde535Virustotal results 25.86% Quakbot
2023-05-17Cmfyyct.jsjs f33a199b902aff95c3dede5cbfe632298042593120c23bc925987f2dcdcfce53n/a Quakbot
2023-05-17Xkswtxc.jsjs d1a92330c8f58a18b81d7ff1a9ea348b205fda7b106c31a2d1e09764a4557fa0n/a Quakbot
2023-05-17Xhhhryro.jsjs 80ab380263a5873a2a0e5bf0f6970a2c5a2f1bb6ced244bb881a685269c5d92cVirustotal results 15.25% Quakbot
2023-05-17Loydk.jsjs a22b66a10925ee0bc864c2b920e30792c9c23d171ffe1d926a43d0403fa0f1c5n/a Quakbot
2023-05-17Uvlkp.jsjs 67ff580532af15d6457fe1b6aa59886c46bd5c72906c86b58aae1e7aab70fa3dVirustotal results 25.42% Quakbot
2023-05-17Lmlzh.jsjs 345e76a5091b5ecf319a57a8901fc203f48dae4dcc62b70fdc4d1e542d1a1f46n/a Quakbot
2023-05-17Kybijw.jsjs 769c4dfb2db91a241a8edbccb6d27bddbd41408fa9542596dd0bf30a47ad1b5en/a Quakbot
2023-05-17Ftwbxc.jsjs 5d1b4ef3941a9e81aedfe2b616b6f3d5299ded92fdf5993d0c7c234e83684ae4n/a Quakbot
2023-05-17Ejfkvkzu.jsjs 309f5584b5712ef4c98b99df7aaea32de17f4431e2fd36a4e7d6f0620cc082e4n/a 
2023-05-17Xakg.jsjs 2001bae83839d29f483f704ada89503eaab87647a0702ca6bc0d2118f7d542adn/a Quakbot
2023-05-17Iiep.jsjs b460935fdcfcc871161c0922e3f942e3ff1117e61fe9f13fa6b5a46e19438cc2n/a Quakbot
2023-05-17Vklx.jsjs 112cb501b3eab261d068fe28769c1bd86929475e9d802427a6e24beb6bd08dbfn/a Quakbot
2023-05-17Ksucnfys.jsjs 536d093e456ba880384cc7668c293363013ec5cc5487e93f03c76a9f5c645e20n/a Quakbot
2023-05-17Ihnv.jsjs a20a305fe67cbe90ed9c6231111a1b10e6025ba120e7e6b2d3537b43f138bae8n/a Quakbot
2023-05-16Vvviqj.jsjs 4df7d020131f788512895db0a008beb9479df80ac8013dd7f0b57d626da30041n/a