URLhaus Database

You are currently viewing the URLhaus database entry for https://renovavel.net/ci/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635048
URL: https://renovavel.net/ci/?1
URL Status:Offline
Host: renovavel.net
Date added:2023-05-16 21:59:09 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:01:24 UTC to abuse{at}hostgator[dot]com)
Takedown time:1 day, 23 hours, 12 minutes Poor (down since 2023-05-18 21:13:56 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Gnjpob.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Jquff.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Iciyxw.jsjs 8d677183a1526f381d202c26a4b323d90fe186278e501aa7aab1b2697a5d7addn/a 
2023-05-18Dwbzrega.jsjs 4ffb85021d6164060c67daa09fdf36dd4bb6801559cd72715aaab76afcd5a510n/a 
2023-05-18Idnkapsv.jsjs d7c515caf105f46c900f5862443f7dccfef29b7544788a80e4bf47e410fb0106Virustotal results 27.12% 
2023-05-18Nfledis.jsjs e8cadb2bfe88e91c6f0a88fbfa3c83c7cce944155ffde2920ad925df8ba77f75Virustotal results 24.56% 
2023-05-18Fhyfpdgu.jsjs cca9ae0f45d9d362a7e18d9f86ed7a18a1340c3f3d4811c7a2ddc658408bd496n/a 
2023-05-18Mhqdjns.jsjs d307232640d2944029109ca441be49052d7c8d24590a54096c256c48e4d7da1an/a Quakbot
2023-05-18Kmmcs.jsjs b64790ef2bb214bf0fea83cb0aff305cd66dd38f065ab3cc62b9ddf5d3570eecVirustotal results 23.73% Quakbot
2023-05-18Vdow.jsjs f80b9a7940830c735c2fbaf225da18389f25dc1ed7ef8e073311c9b3d680a95bn/a Quakbot
2023-05-18Uauc.jsjs 2a38d5dd759f5e13e433429b8fbed42e9b1fa7de9f671bf87d0739862847c16aVirustotal results 26.67%Quakbot
2023-05-17Olotqygy.jsjs c977474e11ea0066144f719c48b4f2d5ae32da3a13eab7d64cb3433546b8d738n/a Quakbot
2023-05-17Dkkon.jsjs cac584e2ff62f01ca51db682d0b6d32ff11123c3bc3b6a5e9794606ad51844fcn/a Quakbot
2023-05-17Ecbme.jsjs 50181b4f3b73fded444a5822e9aae57537b05f693c1a1887d0f8b54f0f597de3Virustotal results 24.14% Quakbot
2023-05-17Wuhg.jsjs 8323339fe9864a8ae4d4d40aaccb4bf92a9b3ba6b545c2210dec09fb28bf9374Virustotal results 27.12% Quakbot
2023-05-17Ygzo.jsjs 58b0e516ec4c36b4a0582314a01bc968a5e3a7acce646abe2179ef5adde91a24n/a Quakbot
2023-05-17Qxresygz.jsjs e5f9fc33236b5ba2988d71e8585b3802d96cde07263ae499ce6ac56cc9db183an/a Quakbot
2023-05-17Tijedze.jsjs 3dfefc0e91ce9c601581448bcc12aa145f0ae317f0c3bf6cd09b4605cf679ce0n/a 
2023-05-17Oqzad.jsjs f7141b5e0f8768e0c1d39b6da886c311b1ba7a4a1db8d4efe2c936270bc2f0c8n/a 
2023-05-17Ajwbr.jsjs dc0d873178c61dae13dac14d65611d4716e9c28ebfa216e32126dbdd1ac971ben/a Quakbot
2023-05-17Vfpjgozi.jsjs b424e0eb8da96b40e1dfb974dfa426c8c28475a8ac7f51d708a530888876f6c9n/a Quakbot
2023-05-17Qych.jsjs 30efb377638be434ef463608a75e4baaad7a1274b04160e7fa079b7d3bc13c7dn/a Quakbot
2023-05-17Oszjqcwl.jsjs 8e4879a3ddb43f74a41b17f3f199791a799ebee5e9ef3579037c970ccc165503n/a Quakbot
2023-05-17Pcpmt.jsjs b6194b2125dbb39b67ed8e84740115f65e1b16ca94321adc7bae254b718532den/a Quakbot
2023-05-17Hodz.jsjs 1a56627073b2852b665cca82a0e83f61670a02ff21a3643add273e1a1c20f454n/a Quakbot
2023-05-16Ywcnnil.jsjs e935c6b03a75e1574f2c57406aa4b4b6891cec81408742bf48dc7c3c20831575n/a Quakbot
2023-05-16Wzjh.jsjs 1566ec1546356b3b1f7a5d176538d16c55fef034ff693aec0206b214f16492d5n/a Quakbot