URLhaus Database

You are currently viewing the URLhaus database entry for https://petraacademy.org/sbtn/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635025
URL: https://petraacademy.org/sbtn/?1
URL Status:Offline
Host: petraacademy.org
Date added:2023-05-16 21:59:06 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:00:03 UTC to abuse{at}colocrossing[dot]com)
Takedown time:1 day, 23 hours, 26 minutes Poor (down since 2023-05-18 21:26:48 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Qutrf.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Kubzfcgt.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Aolsxtf.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 29.09% 
2023-05-18Yufvgq.jsjs 2148fe2b647b8aa1006957e65de07d42e631ced18a21aa3d1aef1ad5d22ffae2Virustotal results 29.82% Quakbot
2023-05-18Vhmsi.jsjs 5284d5807da5986ffb17fdd9761066974cb34030eb5067e7f9a65e48b32f37e8n/a GuLoader
2023-05-18Cybtgrhy.jsjs 569b94ae6e9101918add0cbef52c7d0516b8faf8e79f3273d7d102982c544c18Virustotal results 22.41% Quakbot
2023-05-18Cfqral.jsjs 2ac229fd994bdb64a7cde85dae50a0f2f6a3229eed9afc763d5f8d0e9b4f0ef9Virustotal results 20.83% Quakbot
2023-05-18Grmezubk.jsjs 973858251132d0779245a2e9dd301914a73702dadb9512759bce343a0fa1cb23n/a Quakbot
2023-05-18Waapw.jsjs a23cf11c2f986f5d2412a9c98d50dad0b0a02cd2dbbd6fdb1eb47c20cb7dd2bbn/a Quakbot
2023-05-18Aknry.jsjs ccdaaebf2ae2ce525ab5ccf2b4d74cf6b58e7d9515c21c0d46e2b8e0709eefb6n/a Quakbot
2023-05-18Jksxoe.jsjs 9a649ac76d537c5f4ceb023745e2fcb3a6ed8443c46ac1f2dbd7da98f0487deen/a 
2023-05-18Pfgwte.jsjs 8323339fe9864a8ae4d4d40aaccb4bf92a9b3ba6b545c2210dec09fb28bf9374Virustotal results 27.12% Quakbot
2023-05-17Qckcptjq.jsjs 0d19b7d7e092df5355727bab9cbf454b5b17f90d5380ef6240d0cada7cb5a1c0Virustotal results 15.25% Quakbot
2023-05-17Omvunbg.jsjs b4a90889250c70642150c7b822ece35979290cb3664a5f778ccb8195b4c440ecVirustotal results 25.42% Quakbot
2023-05-17Josblczi.jsjs 79b1f8ec256643dd38b44883fae1a1c46e851db6d07560d38f8cb371756b1fa1n/a Quakbot
2023-05-17Wxpduagi.jsjs 0a6a1598b501c10c9f5b674586502de9eb32d51063c42dfce137a78f56aa4388n/a Quakbot
2023-05-17Lllut.jsjs abc48260d90f80894b8dce196c06da33c2c84c6e28e7f70c81840bf419cf2344n/a Quakbot
2023-05-17Kpgrp.jsjs b80551abdf45ba18befb113fb4c02517cb49680bde72f8ae92ef07e61857ec89n/a 
2023-05-17Hsztzi.jsjs 0ae16f66866567a01f4af47c0c7b2e49d1e54eba4e457b2de97f88c48016cedcn/a Quakbot
2023-05-17Ayyw.jsjs ac79417838135cc0ab089b58c8e8d22fb425c60f883261a14b776af913a73e17n/a Quakbot
2023-05-17Ppmja.jsjs 43f9bb0f16d662cd37d2d89b41a3e0d5238e2b215f1fbb503d928cbdd89e301fn/a Quakbot
2023-05-17Yvvchsbd.jsjs 5724f1885c774b30c352d08430833f19f416b7f55434be224925d842d285be38n/a Quakbot
2023-05-17Ecxa.jsjs 3b485c8bcfeaeadde9e7e0806191c94dd17d077658da1cce5771cb53932d9a41n/a Quakbot
2023-05-17Rcwe.jsjs a6f4556791ac24ea1701db8724c772748bbc47eeb06c7bd138fd14493e99d103n/a Quakbot
2023-05-16Aozrr.jsjs 9b5bb037d402e493668f8cae5d6c97f34c0979c0955808e7b89453bb4074ed77n/a Quakbot
2023-05-16Beyr.jsjs 51fcdd4871e332e608129932d01267d1f0e665d5180d67268bfa3cb0f9683a30n/a Quakbot