URLhaus Database

You are currently viewing the URLhaus database entry for https://pelzhub.com/aa/?1, which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2635057
URL: https://pelzhub.com/aa/?1
URL Status: Offline
Host: pelzhub.com
Date added: 2023-05-16 21:59:11 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 22:01:30 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 1 day, 22 hours, 58 minutes (Poor; down since 2023-05-18 21:00:27 UTC)
Tags: BB28, geofenced, GuLoader, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
