URLhaus Database

You are currently viewing the URLhaus database entry for https://thetuxedoshoppe.com/itlu/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2635153
URL: https://thetuxedoshoppe.com/itlu/?1
URL Status: Offline
Host: thetuxedoshoppe.com
Date added: 2023-05-16 22:01:17 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 22:03:25 UTC to abuse{at}bluehost[dot]com)
Takedown time: 2 days, 0 hours, 44 minutes, Poor (down since 2023-05-18 22:48:15 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
