URLhaus Database

You are currently viewing the URLhaus database entry for https://ukecpakistan.com/xuio/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635147
URL: https://ukecpakistan.com/xuio/?1
URL Status:Offline
Host: ukecpakistan.com
Date added:2023-05-16 22:01:13 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:03:19 UTC to abuse{at}godaddy[dot]com)
Takedown time:1 day, 23 hours, 10 minutes Poor (down since 2023-05-18 21:14:03 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Vtpdgdzs.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Hkipbh.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Hfpjn.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Sfrdstn.jsjs fae629814f35347be8a9c27137a0647d8595c12c56f0a56c838b3af38436c27dn/a 
2023-05-18Zclppcsb.jsjs 35c35c65a46137ab025bfda60be1ea1c10a10b9cae6e337415b9c7b2ebd3df3en/a Quakbot
2023-05-18Ldnkntb.jsjs 02caaf8685c239c1d2e1a5e8440a7c9b39c4b12921ba12cfce6caf0214ea2df6Virustotal results 15.25% Quakbot
2023-05-18Hwzqpi.jsjs 9e158a8d22dc98e3ae057267f1f3abc2cabc910f829c052269762460d602479aVirustotal results 25.86% Quakbot
2023-05-18Mwxo.jsjs ac2f114a6bac8df9444849169360217c9656b866153cfc42dc444cbc6b7b6e35Virustotal results 15.25% Quakbot
2023-05-18Gbtlw.jsjs 6b01b5522683c655f6e33fc4ecfa2ef55bae886a543ba306b61dd976a892fe96n/a 
2023-05-18Sswbkufo.jsjs 07b159de000e3d081a5de88077364dcaec1eff528f38b286c7ba65059429853bn/a Quakbot
2023-05-18Aqtokeuj.jsjs 16c00ed1c4eea2fca24d5ac64106a0261dfc36eb8ff64471f024d0f95efd140an/a Quakbot
2023-05-17Xtjwgd.jsjs 5195290a6bfe72d1709c08345d0210181ab60e363339796ef44c05a17d9c03dan/a 
2023-05-17Xgpfnkz.jsjs 7ef24e8dba41a6e1f91b0d04f772ccc6300b92293dcb30726bd5052c1e2ccca0n/a Quakbot
2023-05-17Gqdn.jsjs da4bf3b68417dffef143d4e6c343ee8adb0fc59559ccca0c4ba48cd6e3e1e5f8Virustotal results 25.42% Quakbot
2023-05-17Hurmrthn.jsjs cc1399eba326d79dc397363937989a81822144dc05e184cd6d904bbf2617e9f7Virustotal results 22.41% Quakbot
2023-05-17Egjck.jsjs c3b7288bc652fda94fb09ac95870f66d2e355b6637b09d5c9fd1b7d64d660a52Virustotal results 25.86% 
2023-05-17Fmelyg.jsjs 8deae0dc00f63d06da4b8491f06c909682b192af1c7ae4467703241c34a509ebn/a Quakbot
2023-05-17Uelj.jsjs 16cf6bcb57e5b6fbd88357c73a7c2e1fea2c60e1facf1122d4f6d9ef672f908cn/a Quakbot
2023-05-17Vsunieqd.jsjs c9405181760bf1482ac0fcca4034002716ef5a48bacdfd80e3cb5353db6fff56n/a Quakbot
2023-05-17Fjgqs.jsjs 50e398401e07db5cf5c2cd097fd86d0808fe2e95fbbb1a0348017308381fa774n/a 
2023-05-17Kuvarekz.jsjs 462849dbc3fdd22f01db34fe1e611020e29dd3b214f4fcd5d3708bee1f1a17b6n/a Quakbot
2023-05-17Cebqs.jsjs c43df493a1c3f99caae794ef04fc5e77f52374d44a5c8cdd13b89b17714943a5n/a Quakbot
2023-05-17Xhdc.jsjs 6271b6d7cdb4a9659fe8703351463072f1b69bd028235431ffd21109e3a91163n/a Quakbot
2023-05-17Lndn.jsjs 08e2ac73d2f62837290f351984fd4f2fd5f8dd5185e3ac9228e814f5b3afb843n/a Quakbot
2023-05-17Uijsxs.jsjs 4c3d6685c2c25dc6d244c0ee834857ee99406edf381bfc43316db505a69be5a1n/a Quakbot
2023-05-16Qshvgqa.jsjs c07dfbc8eeffd1d67c6a0e55241d85bf7fbe0174176c54cc592652ec38b8411cn/a