URLhaus Database

You are currently viewing the URLhaus database entry for https://menangmudah88.com/eemc/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635023
URL: https://menangmudah88.com/eemc/?1
URL Status:Offline
Host: menangmudah88.com
Date added:2023-05-16 21:58:18 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:00:01 UTC to abuse{at}cloudflare[dot]com)
Takedown time:2 days, 0 hours, 7 minutes Poor (down since 2023-05-18 22:07:08 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Uvozgy.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Edtbptut.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Rivmq.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Qjagybrv.jsjs 3cc5422658c2598cbbc2122322d49628059f49038bfcdd2b2fdaad8db8f9fee9n/a 
2023-05-18Pimflyjt.jsjs 3f2b1d4fe71004830b3afc87d735391d7ff0033d3264baf0b9b84903c52c16f4Virustotal results 30.51% 
2023-05-18Rcpgnjw.jsjs 74e7f951fe5dcd84fa5c570a1b2e27991662022a85a90f8f38cff80d462e8541n/a 
2023-05-18Rrje.jsjs e84b4920d25503f9505dfe8813b964551aa485cc176eb30dc5ac5e46dd5d56bbn/a Quakbot
2023-05-18Tsevam.jsjs 93be05e8c37282bca34649a25ba07962fb7da33e5799c01e05c15cc3b72589ecn/a Quakbot
2023-05-18Rdbcuoa.jsjs d8227132d7300d02c5cf46a7c7c4ea76a6fcd10c516382dad0a8892266612025n/a Quakbot
2023-05-18Zguxjdtk.jsjs 00662b73e2bd3a971290d1314c7c89f0f6d0d7244ebb8fde1721be20fa50a8daVirustotal results 30.51% 
2023-05-18Rewe.jsjs 72495f905e654ea365738e7e3ac93200be27ad81df4327197c8d1a1427209a25n/a Quakbot
2023-05-18Hisgu.jsjs 6880ce894904976fa0bcca1c18a48cf2a862737e355802fd26301563e6a09454Virustotal results 27.12% Quakbot
2023-05-18Bkxokzuc.jsjs fb639f61394301ec51c3c82b270fa10118b12150f177db33a72560d80ad79f25n/a 
2023-05-17Hvsk.jsjs 6ee195c06baf35069572750e08cf581ee2a7a59c0b75faff8c5284a839f34ee6Virustotal results 32.20% 
2023-05-17Zjvw.jsjs abc48260d90f80894b8dce196c06da33c2c84c6e28e7f70c81840bf419cf2344n/a Quakbot
2023-05-17Gsozmzhe.jsjs a7559adb58fb8ca343a880d3a323c7307621cf7e95fee410922b0ee0d24d8bc7Virustotal results 31.03% Quakbot
2023-05-17Vbzttja.jsjs 2f457141989cd8db7267b3dd982bc3aca3c0d763161cfedf75384aaa9b27bfe3n/a Quakbot
2023-05-17Inai.jsjs f7e8b96be3ac805e339ea8216ff018b90165280b8feba0fb873973b6f18ca747Virustotal results 27.45% Quakbot
2023-05-17Bvtu.jsjs 3833419abb83fe2369255a23b3fa983e65047ca005c0dee0d772efbdbf8ee75fn/a Quakbot
2023-05-17Tiagkxo.jsjs c321a1664d74da4f73b983c793c4059b38202d4116be2e9f53f9aa1d4320d830n/a Quakbot
2023-05-17Tjifi.jsjs 2f5a37b1c41f4eaa483ca0e6b8ef14c0b656cfef1e713f74510c05a462ffa8b8n/a Quakbot
2023-05-17Wthhfoyf.jsjs be67d60d56901d48a44bc142936b6e28a2f67a12f26648df608040ee246777e2n/a Quakbot
2023-05-17Jxwgskte.jsjs 770edc4bf1912bb5feebf8a5b92f9d319a8dc469127de7bde4611ed08903085bn/a 
2023-05-17Jkccgwn.jsjs 930e6e133fe2f5e4adba54909e6bfce4821f97d4fcd39a9723fae0d490506ef2n/a Quakbot
2023-05-17Ohky.jsjs 3b2e0798b89a39328ab5ca89100b24db240f8560451757fe71607b353b288fb8n/a Quakbot
2023-05-17Euhz.jsjs a127550b500569d758df2d429ee67f3a9f395483b2de730a3b086e1abbf1c0e4n/a Quakbot
2023-05-16Nkbkig.jsjs e42ca0fc7a85bd4eead60c901d2c0e942fca01ad035c0c538cbf36b4831f21d9n/a Quakbot
2023-05-16Buhvyu.jsjs cfb668b6b769136e79eb9a5e8b255ac2a109f369c3dd17e296019efe0c6bdae9n/a Quakbot