URLhaus Database

You are currently viewing the URLhaus database entry for https://torunit.com/eaum/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635124
URL: https://torunit.com/eaum/?1
URL Status:Offline
Host: torunit.com
Date added:2023-05-16 22:01:09 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:02:20 UTC to abuse{at}hostgator[dot]com)
Takedown time:2 days, 0 hours, 41 minutes Poor (down since 2023-05-18 22:43:31 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Yykvqw.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Aygsi.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Xnconjk.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Jwurjjy.jsjs 0d03621d16d16fb6d97999fe283bcda0761c8c65a2e8e27367b275b6d477ae79n/a 
2023-05-18Fcdts.jsjs 6d5e3d77360658771bba4d35e8dd94a77d30f33a7c30ab86b66e271b54d2a638Virustotal results 20.69% Quakbot
2023-05-18Hnzjj.jsjs fd0ca1aeb929c31a64a1ec9c5027c0c2c644161a6fe7faacf6ea8ec30ca8806an/a Quakbot
2023-05-18Gmwd.jsjs 42c81982e5f4b734f8ff57da5bebf9b6d8f79c468dd97a2b69b831657bbc8258Virustotal results 32.20% Quakbot
2023-05-18Yfdka.jsjs b896df419a5e1ac8fe67ede2b9594d6252e8dbf87ef64fd093ceacc52a84798fVirustotal results 24.14% Quakbot
2023-05-18Mvmdvp.jsjs d67719607166b2f101544e674067b1d8a66a134620ce0e19794356da09e033ebn/a Quakbot
2023-05-18Hdocwyvb.jsjs f5aa3695ae64a4d74e1b05d3df7788674c2071ec3266a262521991149f02fc95Virustotal results 16.95% Quakbot
2023-05-18Lxyx.jsjs 4aa5d2a8e1f14eda407f7f6020bae48610ad7ecca61519bca8d513c840e454dfVirustotal results 24.56% Quakbot
2023-05-18Betafq.jsjs 9aa3958dd376fcd792957165b53999bc05bdb411a0ea61e30b7787e1a7cdfbf0n/a Quakbot
2023-05-18Fxghlpkg.jsjs 97961abc6b3628852a890d9f074e8095b28bd2f9f186169b33981286e6f0529cn/a Quakbot
2023-05-17Iyaiks.jsjs c936abc12d461d92641e807274f5df2fb3c02f2e568920845092ed9547299bafVirustotal results 8.47% 
2023-05-17Uhuwjlva.jsjs 53b3144d6c4d4163d5317d32d6bfcc11069a721edc167234c3599a6e2aae5274Virustotal results 25.42% Quakbot
2023-05-17Cypxlz.jsjs a45416e3d9aa47760feeee7375be42c3748b04b0d9c6c573bf4db2cfa07929b5n/a 
2023-05-17Rdeakses.jsjs c9405181760bf1482ac0fcca4034002716ef5a48bacdfd80e3cb5353db6fff56Virustotal results 25.86% Quakbot
2023-05-17Imwbrrse.jsjs 0259d5d40b143ebaaf60af05f38a325f660c922eb6201a18e664d949c3be13a3n/a Quakbot
2023-05-17Vsnhgbau.jsjs 50ebb94dd22b6d976b5ec46e2aaa6756dd807058f1a4fe1497d72c4a355b3c2dVirustotal results 25.42% 
2023-05-17Yaqivxr.jsjs 9487aeedb7473998494f4a53f02cd176e21f14043b6e2e75cff9016c277d0c0en/a Quakbot
2023-05-17Geamu.jsjs 810ada1d42f67452a00b5ac007636e097f2cf12b8c0fd0d88bd798d30a09a5b2n/a Quakbot
2023-05-17Wnvtgkde.jsjs 3ed3359f37f8fe5a4f18b8230b9b7842c03fc9b3d1b45d316bee32f98f3b72a0n/a 
2023-05-17Xvjp.jsjs 59b1cd9833eae0d94ab69944e98c906e2988bce694b2348f90456dc007e6a0c6n/a Quakbot
2023-05-17Mztz.jsjs c8cb289a94ecdbbf7b0f5dbd93de916b4bf77fcc8467803b4ddaea974887650cn/a Quakbot
2023-05-17Xtnx.jsjs 4a9cf998eebc867d0bc5a7d2a18cb9943865cea46356a0a29685f7c9ff5383fen/a Quakbot
2023-05-17Vhxghp.jsjs 60730d1ff0b08580d6e61ccb356420bb4717cf0983a05b6f242562fbba72d647n/a 
2023-05-16Bcdwpcw.jsjs aec392369317ade0e71a7abad73df61e74fb799f4ae732261362bfc4af1230fdn/a Quakbot
2023-05-16Fnomofej.jsjs c06b4e7282f069a0ae47afc56d54195460fe5f0c15197441c13f5f5b73d2e334n/a Quakbot