URLhaus Database

You are currently viewing the URLhaus database entry for https://sumberuang88.com/auq/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2635139
URL: https://sumberuang88.com/auq/?1
URL Status: Offline
Host: sumberuang88.com
Date added: 2023-05-16 22:01:11 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-17 15:28:08 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 1 day, 23 hours, 6 minutes (Poor; down since 2023-05-18 21:09:40 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
