URLhaus Database

You are currently viewing the URLhaus database entry for https://seodayton.com/nii/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635083
URL: https://seodayton.com/nii/?1
URL Status:Offline
Host: seodayton.com
Date added:2023-05-16 22:00:12 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:01:50 UTC to abuse{at}hostgator[dot]com)
Takedown time:1 day, 23 hours, 12 minutes Poor (down since 2023-05-18 21:14:42 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Pcekgj.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Eeuo.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Llihcky.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8n/a 
2023-05-18Jdngyr.jsjs 3fe82998dbbd1b56d6f2bf670fec8d276ac794d97facd50002a2cae0c1f41b02n/a Quakbot
2023-05-18Budcysk.jsjs 6da4a8bacb02c6d1b3251c5978545168c0712fb14b5ec2731a867b73a3daeacan/a Quakbot
2023-05-18Aeefms.jsjs 0e3f95cec4063907bf68a435963ea684b5f9bbcbdd4ac6337048ae70087a81fdn/a Quakbot
2023-05-18Cujq.jsjs 2936b6742f1d05f0f4625a1582b4bb5e44cf16340984eb0eaf2118709e5f7933Virustotal results 30.00% 
2023-05-18Fifnmzva.jsjs 3e294b83a7ced7203c04c79e0e2893c636344ba211f59ff49a66d91a93fe3bc4Virustotal results 13.56% Quakbot
2023-05-18Roelapyx.jsjs 906e50a48250213ff6fa64b72219e204e4f47e919757a5b1214a5e7682a44da1n/a 
2023-05-18Eshchzh.jsjs f91b22ef75c62115177abfa54ffc898319098f3de31ddf0b2a964dae96c3b376n/a Quakbot
2023-05-18Nxnr.jsjs 8496ebcccb2676a1fb21ed0fdf36c320fabcf9036d275af7acc025b0182e7963n/a Quakbot
2023-05-17Frti.jsjs 9d4e35c32d73270df3c5bf64cd693e2933e614075af8f15eeacb3fcd142f8ceeVirustotal results 28.81% Quakbot
2023-05-17Qadtbus.jsjs 4765e3f8945205cf00c99d49497f3f90e74523fec9fdbd0bf9ea1f6163c07512n/a Quakbot
2023-05-17Tkeewtro.jsjs 66a44d6ecc0bff8550c4f8fd93b40851e019bac6297339dd180d268ed9bba451n/a 
2023-05-17Qtewmpsg.jsjs def1eebe55f3bc428d1f39ef2f6c7d61a64a48dcc71389a348eefbb797e07653n/a 
2023-05-17Ququygu.jsjs 8b5a063138d39c424fbf7ce7022dc972afa3c2df792b3a030272c1c77490dc96n/a Quakbot
2023-05-17Eolzvjop.jsjs c2b560cbbb7dc30cad06a2a6b715f07591269b172bde5101a639fbb04e4dd9cfVirustotal results 27.12% 
2023-05-17Qphnc.jsjs 79126f299d6fa3d58aff457d118ab11356537345d798c52cf1849567bbd9156dn/a Quakbot
2023-05-17Bfsa.jsjs c6acb46e483e7792474a50acd3a7ad70626f538da57050c7153b3061376b4f02n/a Quakbot
2023-05-17Zjfmq.jsjs a93143a705ea2361a8b721b2283ac9ad4c098605247a49996415880261eb277dn/a 
2023-05-17Uvte.jsjs ca63f6c43eeef53cac2fee6ccaded5dcbfa96469137405169469f1ebc8cbf368n/a Quakbot
2023-05-17Fncab.jsjs 8475abeda70147c009ab0880d87b6c8967542b9653fb575cc525d970bcb7703fn/a Quakbot
2023-05-17Edrqfs.jsjs 85d925c6cf38b8d0b0df5bc1f4ae695b64f968ed3012e31e5e0d95e046537bf1n/a Quakbot
2023-05-17Eodhdvr.jsjs f0bcbbd958b45841925ecd87d4b1260c7104dbf2bdbb69c121c760dd967ab1acn/a 
2023-05-17Rzmmlny.jsjs 66d5ed5c6229671210a1037c76369110e67fd57b83d298cbc7f9b9e263d54129n/a Quakbot
2023-05-17Iwwjl.jsjs 1cb7dc90b52ff9e9740669856fd9368639abdf55366a151301b430f431571cabn/a Quakbot
2023-05-16Kpxovc.jsjs cb729c0392cb9a73e51744e3170da6380e32b1d05c52a2c1025c41b85ef3b49dn/a Quakbot