URLhaus Database

You are currently viewing the URLhaus database entry for https://trade-bull.net/avae/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635112
URL: https://trade-bull.net/avae/?1
URL Status:Offline
Host: trade-bull.net
Date added:2023-05-16 22:01:05 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:02:09 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:1 day, 22 hours, 58 minutes Poor (down since 2023-05-18 21:00:54 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Rjiuvcx.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Otijljpz.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Oawhiq.jsjs 4227bd58882d1232ff477c5ab47a078c24b7804e3a142686a74473a6cf4ca56cn/a 
2023-05-18Pmapcn.jsjs 8c2547beb9fb406c4a16f82f423ebe7c1ad3223e438fa0b061c7cc13133a635an/a Quakbot
2023-05-18Mvoogarm.jsjs 9d4e35c32d73270df3c5bf64cd693e2933e614075af8f15eeacb3fcd142f8ceeVirustotal results 28.81% Quakbot
2023-05-18Bckthyvd.jsjs 3b3714312b9a47880e50308268338b4ce72011e082b2bb4bd94f2fbe7f738e56Virustotal results 15.38% Quakbot
2023-05-18Joihgfd.jsjs 285384a5ccf94492475a9af926ddb24dc621f5b0f19df79f8ed7366ca130d544n/a Quakbot
2023-05-18Pikqmg.jsjs a0220d487566d1243b11c30ea5d37349418d84e8f6eb6013e0792aa4b11236c6n/a Quakbot
2023-05-18Ncda.jsjs 89ddd75a9d671f30070d8ed74468e507a72e5ca5699855296beb959dae2b71b3Virustotal results 11.86% Quakbot
2023-05-18Ssznbsp.jsjs 714d6297effa9020249e19940853d50dcb2ba31d5301a716f34ddf73f9a58bf1Virustotal results 28.81% Quakbot
2023-05-18Hipt.jsjs 093f4994d50fb15a657ced4731d4109a45ae410dbe91554d201d3ad2c44501acn/a 
2023-05-17Omnqw.jsjs c56be3ec9c7d01ede485ea9edabc332ef3aa01f6ab679c4eb6231e1db79db675Virustotal results 23.73% Quakbot
2023-05-17Gruvrf.jsjs 5c57b539392768e2e9e8490f11f6528d81875b4aae44e11319d0a94af50b1f00n/a Quakbot
2023-05-17Esdhxgm.jsjs ca3503a47ca92c4d7ffd385bf6501e373e48cae6b42c99b3a1d08f7478278c12n/a Quakbot
2023-05-17Qbzcqpja.jsjs 23c7e26757364f19557ee494d86b6dfc1c19e076aee18974a5443ce434459b22Virustotal results 23.73% Quakbot
2023-05-17Eczmmamg.jsjs 72b50fe52615ed2facfe5a1517ed75f7ba6d2d98e26968645dd646186fa5fef9Virustotal results 24.14% Quakbot
2023-05-17Fiqn.jsjs c7350bae160037853cf976ce2975bb3bf2a766449f69080fe67c733cbe18e005n/a Quakbot
2023-05-17Uoncak.jsjs 5002cf2a22a794f451347414eae921d359f14704e2fc3491ec70ae29266a6ea6n/a Quakbot
2023-05-17Dhxrr.jsjs 06e4ece86f7d3553395a9c9f7754e6905c3a596c1a863bae5e225fc3453b8d0cn/a Quakbot
2023-05-17Ateb.jsjs f6641f4f0aa7754b049f8818671e0eddc6b8712147897a06dc6d36046ef2e730n/a Quakbot
2023-05-17Kpvbd.jsjs 5725eb6524f780e65d76f29e331c9ad732f9d67ca34b4e2c0bdcf228e39a6559n/a Quakbot
2023-05-17Gqpro.jsjs a974e31c226dbb00890c85e63b9dd8005a160b1877e51aa47c7556047944f0d3n/a 
2023-05-17Lpptbck.jsjs ad9058474299e16a03a2cbadbaffa7847b3260662de2d865698dc8a38fb0d974n/a Quakbot
2023-05-17Swxjfzvv.jsjs 8b3040a38920a1f91c3b8671f80273a39b5d24c754f425d2940fd6c81981ca26n/a Quakbot
2023-05-17Ppnrm.jsjs c4e6cde2fd80adc291efcbce0d491e7ad59b9ba7cf647b069e218c5f450c2ad7n/a Quakbot
2023-05-16Ztim.jsjs 6a5d5be9a0d5e3e6587495ccc3abd585f2ca817aa3d06f0be816d29f5cc8efa6n/a