URLhaus Database

You are currently viewing the URLhaus database entry for https://strategynarrative.com/iis/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635069
URL: https://strategynarrative.com/iis/?1
URL Status:Offline
Host: strategynarrative.com
Date added:2023-05-16 22:00:09 UTC
Last online:2023-05-17 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 23:15:10 UTC to abuse{at}cloudflare[dot]com)
Takedown time:1 day, 22 hours, 27 minutes Poor (down since 2023-05-18 21:42:15 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Kkirnel.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Zyos.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Vkgizz.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Kavhpe.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 23.73% 
2023-05-18Uxsdf.jsjs fe38571546fce56178ef24eac652a6bdb02adb17817e8381824c1e1039b5f642n/a Quakbot
2023-05-18Vmim.jsjs e29a41a9d60625c8b7ab2e66896cd279af26a9abe095095e8f71d39a518717dbn/a 
2023-05-18Axdk.jsjs 66718c6f0ac9419d7f5bb30cef5272328e503b226e7ee6157072e26782f6421fVirustotal results 16.67% Quakbot
2023-05-18Nfqj.jsjs 2d4fa148f948ad83cb6ea9d45930d0384b699b8dad0de5e48214d4fcd895cad5Virustotal results 28.81% Quakbot
2023-05-18Czwfgkbo.jsjs 75aba79d300dca2a11da16879bf5c0fd15d388a5926381550db24144937b72fan/a Quakbot
2023-05-18Ywxltuij.jsjs 83743f2158c1cfe6f65635d6a1c2aeec71545802940ab5e083fa9d3a98d650aan/a Quakbot
2023-05-18Hayrg.jsjs 9898858b1809b1511e09fbef76498bfa2d39365eb70958ac81ba4a0263c6e209n/a Quakbot
2023-05-18Vzagoljv.jsjs d772a62298f946a1a964db9c0e6aa23473d6590e013fb3056502ad74b75a046fn/a Quakbot
2023-05-18Xfdrxvi.jsjs b5992b77eea93b7005e9637b010d0dd51ae9310c87bea9dc6eb4610e2826d1ebVirustotal results 24.14% Quakbot
2023-05-17Dpsf.jsjs ad9d5d545cd208607067a384f752e68873813a4863a25840901805e6778a5f43n/a 
2023-05-17Cnsdw.jsjs c6a62ee43c36edd934b0aecf8cca18487dbc8612228decd3f37357b043e4e85dVirustotal results 24.14% Quakbot
2023-05-17Rvebi.jsjs a74b08fd8574636c900a77d9d50f0c7d91b058b6a82d501d33a366e1e7c3d343Virustotal results 25.42% Quakbot
2023-05-17Wfrj.jsjs 6c2bc2e984886cdc84fd988cc8504fd8737f22afe09cd972d52344c526d16d5bVirustotal results 30.51% Quakbot
2023-05-17Suvq.jsjs 1518f10a4a3e1bb0772544083dd21336675b9248d73c59f8dd75068406de1474n/a Quakbot
2023-05-17Zerjwgvu.jsjs 9a649ac76d537c5f4ceb023745e2fcb3a6ed8443c46ac1f2dbd7da98f0487deen/a 
2023-05-17Indkr.jsjs 72650299927c8a4512d60b0cd0ec50b2eb522d4a0fa47417dd4ae67fffc49efcn/a Quakbot
2023-05-17Oxjwu.jsjs e0693cd72383a9529e2887daf3f4d1613cd47744c46974b9d6e7c5a7f04dd32bn/a Quakbot
2023-05-17Visgeto.jsjs 1366d8ca781b8199fbf636a354a721c54f2565f3c21840db9ea0b5da802b61d6n/a Quakbot
2023-05-17Ttacxwy.jsjs 46815aa956efe4a264c0ad00569e993bdba6b59f1fa303ea0dd2bd1007321851n/a 
2023-05-17Jxryju.jsjs 035e951532ff6371671ab7829c081898ae11893b93e895d8f5b0bc0fef621c76n/a Quakbot
2023-05-17Atuwhrlu.jsjs 8bb93befb9b9bd227f984851451b72b869a70d112d288057caf7a0248b66a90fn/a Quakbot
2023-05-16Wyyznztd.jsjs 65cd2ca93d77840fc6c6f26fcd7550b5b9eaee6217a4ee049a70106be64ac9d0n/a Quakbot