URLhaus Database

You are currently viewing the URLhaus database entry for https://torunit.com/ahlr/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635132
URL: https://torunit.com/ahlr/?1
URL Status:Offline
Host: torunit.com
Date added:2023-05-16 22:01:10 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:02:20 UTC to abuse{at}hostgator[dot]com)
Takedown time:1 day, 23 hours, 13 minutes Poor (down since 2023-05-18 21:16:01 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Xpacien.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 23.73% 
2023-05-18Uhkwzvq.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Xtfjssyb.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Jcxuppxy.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021an/a 
2023-05-18Ogtsh.jsjs 22e7416d854f754fc6daa1c1612f1ee4b0fa6e0ac81b96acc270d7669bad6a70n/a 
2023-05-18Mjsjvs.jsjs 98e65224d86b8f3b2be7f45d6b5bc6711e25eba8a298bf06d24ad94bfa8b2089n/a Quakbot
2023-05-18Fvaunjf.jsjs 321c1a3f14a23d2a9aa660e3c3d41d7c92fbba4788fc20057ac697e402248405n/a Quakbot
2023-05-18Lihrzf.jsjs b9c9809b0db8c089d16e6f9223ed8a4e5c74ac2b18b9f60ffdfb52ab0e82ab9aVirustotal results 32.69% 
2023-05-18Ahbiiwb.jsjs 23fb378ba68beb5c6b1281c46215b56754ce9f89836c50f35b59615c2f79b455Virustotal results 25.42% Quakbot
2023-05-18Accfl.jsjs 3f14bbee3c8ce3a67b5dfc257b5cff8e6f131ed1b17c77a50e705cb44af1c616Virustotal results 22.03% Quakbot
2023-05-18Tlbqeoa.jsjs e50886cba40b1a43e2a678f24566fd07c951a78a554670ec3b2f25a3866d0d57Virustotal results 22.41% Quakbot
2023-05-18Qdvmgrtp.jsjs 3e294b83a7ced7203c04c79e0e2893c636344ba211f59ff49a66d91a93fe3bc4Virustotal results 13.56% Quakbot
2023-05-17Lsilmrzo.jsjs f7bc14c8c137444d5d046f1c1304ca9eb96509ce61adeffaa967dc07f21c17d7n/a Quakbot
2023-05-17Vnifelb.jsjs 2e6fa76c0870d4318d71a8defd95759f831cb88397931327f00478d853bc9525n/a Quakbot
2023-05-17Eedkw.jsjs 7100bd0704b52e63e4581b308b07b43d48da5998a03a3ef43b8e78bf0d855d17Virustotal results 25.42% Quakbot
2023-05-17Tctjy.jsjs 7aabd12a63a4289e6a5f5fc62d866ed2ade8e917a6f2d203bdfd37c0f87ab265n/a Quakbot
2023-05-17Lioaj.jsjs 3cc62e68f657fa870eabb640cd8e651d4ee69a242db9feadeecdbe6a0435ea99n/a Quakbot
2023-05-17Bsnegkyg.jsjs e33a486361f2b596983444fdfcab380bffa678c31788687e1d8fb8e9aed9f6b0Virustotal results 32.20% Quakbot
2023-05-17Cjwlmgm.jsjs 3657123d41437d5c2c4b48b03e14153b367398907ae10d30021c974941a5b64cn/a Quakbot
2023-05-17Rbycrm.jsjs 5058b0ab18a174398413798e655e1f00408418493c371ea109decdfcde2e1608n/a Quakbot
2023-05-17Lcdze.jsjs 59e3c591bc1ce5c8298bb1d0c00a4ffe65c8151cb72b30399a90b742b9b791fdn/a Quakbot
2023-05-17Clda.jsjs d24f133a68f1dff374b59e4cd3d8671d70f76f5b404adcf8f17fac1c9fe282b0n/a 
2023-05-17Aybgspy.jsjs 64147883db20c0ea166f87162244555d393038418749579a2d0e8ebb60a3844cn/a Quakbot
2023-05-17Rqgas.jsjs 43c71e50a5853e8fc09c28f9fea823ccbdcbc9db7049e8ea97377d72a1c7c512n/a Quakbot
2023-05-17Nynk.jsjs 1a7c0b3bce02c4fe7ed99f8ce655a2c0900a8623d380c8701d9ed8e9064b5028n/a Quakbot
2023-05-17Wooq.jsjs 90bf1afb685f3d6872fa3e7457de1b8c0abe3b9fa10af261bb509abec25f6e8fn/a 
2023-05-17Uwcfyy.jsjs 499ed12c94bdce0f00071527b9dc9ab20c76e1d920e3cd4e91d6f59ba0061558n/a Quakbot
2023-05-16Dalf.jsjs 76f6d0ca9d0d22c1df3c3b73aabf010be96c96c906a97bd529b3078fe72529b3n/a