URLhaus Database

You are currently viewing the URLhaus database entry for https://sendasa.org/rtba/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635076
URL: https://sendasa.org/rtba/?1
URL Status:Offline
Host: sendasa.org
Date added:2023-05-16 22:00:11 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:01:44 UTC to abuse{at}hostgator[dot]com)
Takedown time:1 day, 23 hours, 15 minutes Poor (down since 2023-05-18 21:16:53 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Fqner.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Ajklrws.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Mhjvlg.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Mdkee.jsjs 56b0340dbe9149436b391d2aa66af956f9dfc12adda70464c736a52d24538be0n/a 
2023-05-18Mmzvl.jsjs 3fddbe5cee0b2b8ebbfc9637b8f112873fa786d04365ec85c4ff1f3ef1962ce2Virustotal results 23.73% Quakbot
2023-05-18Vhcmm.jsjs 023250d4f9af49d2f7968647280c712aff55b6146a5a06b7b302bab288a405baVirustotal results 29.31% Quakbot
2023-05-18Tpwvmsy.jsjs c7350bae160037853cf976ce2975bb3bf2a766449f69080fe67c733cbe18e005n/a Quakbot
2023-05-18Fkzpued.jsjs 0c002b88627f5df1e7415950b066ddc51bf3e0f4f3ef5a2b01a266b2c4282ee1n/a 
2023-05-18Acmin.jsjs 26e8f5245d3928df93af31946f3ff6dcf2291861ef4835e6b23e145cfcf9f8d5n/a 
2023-05-18Hvsvzqps.jsjs 9e158a8d22dc98e3ae057267f1f3abc2cabc910f829c052269762460d602479aVirustotal results 25.86% Quakbot
2023-05-18Xilkim.jsjs abae955795961dc369ba3d41196f2f4238001efcff8a2dc429ababf4821ca7f5Virustotal results 22.41%
2023-05-18Ywrglw.jsjs ba7f993248a05baa4fc8af51ce3e8f89889e817065c4b964cb37bfc088ae75d1n/a Quakbot
2023-05-17Aaejnmup.jsjs 5eecbea9208745932f291b3156e7036997e4b1e93f7bb53a270cae7c125aa079n/a Quakbot
2023-05-17Rerc.jsjs f32e1256022a37c93429f2df0c87540583119ca913c038a1bce835786a3891a9Virustotal results 27.12% Quakbot
2023-05-17Hvyyay.jsjs 749721b74088db119de7bccbe5cea0c9486f42bb570461ff262c5ed324b4ca16n/a 
2023-05-17Qbqw.jsjs c7f9d6c56a28ecc44744a1c617778af39179d5869bca0ccd518016eae401078en/a Quakbot
2023-05-17Ifzghv.jsjs becfbdbbd5a9cfbb918940eafdd8f586133d77eb11bfc5dac1f96e7787abfd65Virustotal results 22.81% Quakbot
2023-05-17Zqtqpqr.jsjs 8b2b3c3498bea970b5883a908b36e4437b9809a010cf2df44004264d33d66dbdn/a Quakbot
2023-05-17Wtpq.jsjs 4fc44d998f2dd5c9dd8a2b1113af13a124201f3cd8b1f55511976b52294ef5e7n/a Quakbot
2023-05-17Vvka.jsjs 96cd8fbdf6ab7a72b6e7cac7032f18f0db86370c7b0995d9b7346c98b5488bc2n/a Quakbot
2023-05-17Hozoqcli.jsjs 3e5b12dc50ac08d76621243e8c74793dec4d4489503c849a2eca2309b8a24ce2n/a Quakbot
2023-05-17Rcekr.jsjs 55ba17c306ac63d31afc7430b3e63e707a36fe338952a9048ad5c4262ac433b9n/a Quakbot
2023-05-17Urqe.jsjs ed29c42929e2a8eb00eef6250696d76bc6996b5a2640c5d82d88d1dcd08a6dedn/a Quakbot
2023-05-17Umyogoc.jsjs 36136c821242367603134d56c91d7f1118f577f289abc210a253417c70494f00n/a Quakbot
2023-05-17Lrvdjsgr.jsjs ccabebb537082013aa34fdb5ca439966bfd1100f44c9e5384ef9b15116f8b784n/a Quakbot
2023-05-17Zzod.jsjs 3d3063c5d603f29cfe4e52be1756d356d8ff589ed6997f9f473a98ee13fc7030n/a Quakbot
2023-05-17Nhpalyiz.jsjs 24859ef46bcec738d5d5a7900db427db2aa3c92f382fe03cc0adc8cb2d4f0c06n/a Quakbot
2023-05-16Xvkr.jsjs 8c3893dae2669b97edc9a5c94eda775a437ffdd254ee25d82bd861b38dad1d0bn/a Quakbot