URLhaus Database

You are currently viewing the URLhaus database entry for https://rowlandsreupholstery.co.uk/xcar/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635059
URL: https://rowlandsreupholstery.co.uk/xcar/?1
URL Status:Offline
Host: rowlandsreupholstery.co.uk
Date added:2023-05-16 21:59:13 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:01:31 UTC to abuse{at}godaddy[dot]com)
Takedown time:1 day, 23 hours, 17 minutes Poor (down since 2023-05-18 21:18:35 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Gyyrp.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Pmnjxzqs.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Egopqcp.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Grylpjg.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Jjevhll.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Ulcuvntx.jsjs 9849e8b42c042a6defef61d4480e90c7bd082abf2efffd0dfcf9bb378dcac611n/a 
2023-05-18Cgusz.jsjs 99ad6e2718d4fa53c8b3e7479802548afcde5a374d0563ab49ffb0405d8e435an/a Quakbot
2023-05-18Sjanrbns.jsjs 07d1842292aa2619ebfbb551eff5580fb24f945283f3de4298dc06f9493b6b20n/a 
2023-05-18Svtcjgef.jsjs e2cd2a44ac9c613f289c14a9d30244223f9949818db49dc69c73a5efc442a948Virustotal results 28.57% Quakbot
2023-05-18Habyidi.jsjs fc9e138d576712bb870d465c8c9568c010f3081a0cee5918a906d5f82a1dfa57Virustotal results 16.22% Quakbot
2023-05-18Izhy.jsjs c7350bae160037853cf976ce2975bb3bf2a766449f69080fe67c733cbe18e005n/a Quakbot
2023-05-18Qjnqy.jsjs 34bf72fbc4370971ff89c72391aca2a8a5b37aac3f1cbb8f2ab5480a3df6ae0fVirustotal results 32.20% Quakbot
2023-05-18Lyluxt.jsjs ee8f7825f5b87fbdb90f5bc8eff0cfadc358c64cfca2dcb37acfd398d5b2f201Virustotal results 26.00% Quakbot
2023-05-17Akvgb.jsjs 456c54257858cdc9347b6b71444659a256ae3a000dc1c82298d0fc65ba890687n/a Quakbot
2023-05-17Dahbawie.jsjs 6637cd86cb6d1780d474d49c347f8accc08a24f73ec7d212ecaa591e370d7e1dn/a 
2023-05-17Daksnorf.jsjs f72249d2446e19299c3e74d70064253963b884cc61a402aaa18a78e044f901ecVirustotal results 31.03% Quakbot
2023-05-17Ubnsh.jsjs 287c569bf794a7ec47dcd5f308d39f138b6b4b964ad50c335991038cafd9d476Virustotal results 32.20% Quakbot
2023-05-17Usechnu.jsjs a84a8c5338c73e889cff9d58c510657f8624b8deedf847eef71befacab5ed60eVirustotal results 20.00% Quakbot
2023-05-17Irpfminb.jsjs bf6a2013ee6092e2d291a06d2f69e617b318a1e842a0d559b91fa1b8f8ea1a1dn/a Quakbot
2023-05-17Kttfpygx.jsjs 19f01a32bff6fe9b165ef850e438aa1e9f6ca0de31dcfa4ad489b61367cab1e2n/a 
2023-05-17Nqqznz.jsjs 92876a6e49420e7cda7ed480a24c6327d427315e8823bb7ad2d6f4ecc3333258n/a 
2023-05-17Vvvwcn.jsjs 5e2aecf63d1a365d83ddee68ed6c62316ad1b5507f6d542d95af3ff606b8dc5fn/a Quakbot
2023-05-17Uxppmppy.jsjs 1c3f528c40d0bb72dd483339fc60c965184c5d7d6491528590036f84d60bb780n/a Quakbot
2023-05-17Kwpnvw.jsjs 7204c812821c62d16649685ada2e2cce5db1892db1e84c82cff6378c1a0e34a6n/a Quakbot
2023-05-17Jxgiuen.jsjs abcab637ce65d69a1e88cda9c11ab050404389fabcca9b0c4f82b8b08901faebn/a Quakbot
2023-05-17Gxuqlc.jsjs f7939a9a21f8ea851d64ea28e396431efef0a20987c4d1a9bcffa93913c0f917n/a Quakbot
2023-05-17Wfthoph.jsjs f82e33eed2aa95dda34952d0a67b3d3f45dd5c712db9007e8d767abcf73bbc8bn/a Quakbot
2023-05-16Qtqhcnq.jsjs 8b1f4561a35f8fbb1dc80a66c2e12bdfed301b907223009d0bbb330457951a28n/a Quakbot
2023-05-16Ukns.jsjs bf93c46d7e8fffa8950af97fc008f176fccaedf89020fbfc2ecededaec56c412n/a