URLhaus Database

You are currently viewing the URLhaus database entry for https://pipclass.com/snei/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635041
URL: https://pipclass.com/snei/?1
URL Status:Offline
Host: pipclass.com
Date added:2023-05-16 21:59:09 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:01:18 UTC to abuse{at}digitalocean[dot]com)
Takedown time:1 day, 23 hours, 2 minutes Poor (down since 2023-05-18 21:03:46 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Xibo.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Fwbvsldx.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Sxylje.jsjs dca1ba4908a916e7dc3547b112a3529dce82141963ada2366387bc87376fadafn/a 
2023-05-18Jutxosv.jsjs 21fe5b84a05703a96f7e89bc1831bd5ef93ce9c6e1afe08259006454a502ba59Virustotal results 30.51% Quakbot
2023-05-18Mwqtk.jsjs bfbec36fede661575f19295dcf1df9ba2fa3f0ca817dd9cc5efbd152f86a999dVirustotal results 23.73% Quakbot
2023-05-18Pufuytb.jsjs bb62ccf9fa803df4844b790350de975a1f8ea136f9334e3563a5e8ecf4d9b601Virustotal results 25.42% 
2023-05-18Vuyteet.jsjs 112fb3f4fda57d58405f842081f111d4f583c40ece7f17fd6805832360da7072Virustotal results 28.07% Quakbot
2023-05-18Djiyrse.jsjs bc85062a6ed96ba55f83637c5941ebb10dd8734a7486eb2e716a41e21578b347n/a Quakbot
2023-05-18Nhcxsogc.jsjs 8f5bae7c3310650dc125b9223695f4a40a6d1394f6f6f9dff466a3e53099ba7en/a Quakbot
2023-05-18Fqfzyy.jsjs 64dbefc6ce8b2caf9b441a36490ebed30319eed28e49ddf95d43659494906f10n/a Quakbot
2023-05-18Mkqdgc.jsjs c7f9d6c56a28ecc44744a1c617778af39179d5869bca0ccd518016eae401078en/a Quakbot
2023-05-17Iiha.jsjs 40b44314a486ec7a8d570abd6d0edb8d6d9384e75de8dfd5d698783e701d3dbaVirustotal results 16.95% Quakbot
2023-05-17Gffryz.jsjs 07d1842292aa2619ebfbb551eff5580fb24f945283f3de4298dc06f9493b6b20n/a 
2023-05-17Ndglot.jsjs 1d6e41a96832fff256d4c07d7cdb318a251230e1445351f5ad36b87ce958bf1dVirustotal results 25.42% Quakbot
2023-05-17Xqbck.jsjs 41d25fd2c9445a58f5ae64b05b6042873508bfb85efe4b1b00c3c1b03c4f930bn/a 
2023-05-17Ljcufc.jsjs 9fc93269f064d50db15333e3dbcf15dccb35094dc51bedfc465ba99ce6a37953n/a Quakbot
2023-05-17Hotyidss.jsjs 6bf7410f1b32c7fad44030961607fb13ec400a2a008f5817485ba84c5c297175n/a Quakbot
2023-05-17Kmcfd.jsjs 4f062b849c4532c48cb6fda802abe204e5f672c48a02d683ef6af733be186a13n/a 
2023-05-17Htpedtyf.jsjs 6f409b7331ca04cd6b1fcf6de6a02f7241c43ce1a4cfdd97d42a6e656969d681n/a Quakbot
2023-05-17Dizk.jsjs 92bf00fe3caa3cf0971ee5bc1b899b9b780acdd834629aca0afe8c57fe559ee4n/a Quakbot
2023-05-17Tpewf.jsjs 4dcce2293667ed04bd00979019470be76db7f1d73713c8d2263e19ec84fb1784n/a Quakbot
2023-05-17Dvbtvm.jsjs 30a06e3d1ee245e3af405184adbc635f3c3396afc86cfa18132bbb767b1ceba2n/a Quakbot
2023-05-17Ttuqg.jsjs 73d865fedb39a95129b5fe4a33cb2bfff00ae9d9bf3a8d24baa2f9d26f81b5ddn/a Quakbot
2023-05-16Vzrx.jsjs c18a0e3a1042e36bd19554fdd5a6a35b956670812183492b47054a46dda8d12an/a Quakbot
2023-05-16Yyxhpwc.jsjs 1fcd136fb0ae932044c735473f6d1cb2adff13e628645b3aca8ae24d7454509fn/a Quakbot