URLhaus Database

You are currently viewing the URLhaus database entry for https://zambianroadsafety.org/eom/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635179
URL: https://zambianroadsafety.org/eom/?1
URL Status:Offline
Host: zambianroadsafety.org
Date added:2023-05-16 22:02:13 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:03:48 UTC to abuse{at}hostgator[dot]com)
Takedown time:1 day, 23 hours, 17 minutes Poor (down since 2023-05-18 21:21:47 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Rfyfakyh.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Szksb.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Jortsmd.jsjs 1c0af10cb305c3741cb289913998258ecd97f888e28f2fb3ca92c143fd00cf29n/a 
2023-05-18Voxyse.jsjs b76a46e9b0db483e342c390f25663222fee2e67cb7670205636c7ee748850b86n/a Quakbot
2023-05-18Jpyufvbx.jsjs d67719607166b2f101544e674067b1d8a66a134620ce0e19794356da09e033ebn/a Quakbot
2023-05-18Khjnel.jsjs 6cc345a8ad3df8d8da07821f31095f9c217201e0065038c5bb7e15aae14a9035n/a 
2023-05-18Jqni.jsjs ceb8cce48cb241bf1dbcb587ed7d6d8d4c9fdeb5f87bea993602228464eaf9a5Virustotal results 11.86% Quakbot
2023-05-18Wtlyitk.jsjs e83bd9c4b21fcd0dac063c512259b7310762d0f7b923cba778206403e5314398n/a Quakbot
2023-05-17Sbki.jsjs aa29c7434c1bdbe52fd461a295dac0931392a0852902d70bd91693bedfc48375Virustotal results 31.03% 
2023-05-17Wjdrt.jsjs 0778e11b34038a33e15f6d85dc45a87e23d2ac68fbb8e3d9c914b1edf5987187Virustotal results 26.67% Quakbot
2023-05-17Fknxr.jsjs fe6c3afc81fba017285089bb2240464e993b83edbf51755fe47e70d5ce454558Virustotal results 22.64% Quakbot
2023-05-17Rfbuysk.jsjs 562698d61476d96d6f3b0fd847585b9c5e4d1f9eb96f8153ba577725aa0eb697Virustotal results 27.12% Quakbot
2023-05-17Vpjnh.jsjs e0a76560e4dfa1a02a0ed9070737950e644f0b851388f7a580a8c384ba1ae3aan/a 
2023-05-17Jzvko.jsjs ced3c62c0b0eb34cebf34dbcc0ee8a52ffec9388cc383952b09c7aa421199a79n/a Quakbot
2023-05-17Nkqbmo.jsjs e097747aa43ca0c5787d98ebdab3ab67fda12444d287a4a0702a670f0b2494d3n/a Quakbot
2023-05-17Mbywhv.jsjs 1344c91f569b20a842e23c12af2bd03ee140cbb2d006e327deafa47ea59ebf5an/a 
2023-05-17Qgahjej.jsjs 8aa2646f9a62416b0982892e619e2b5d63693de6901791d1cb90c73392416f57n/a Quakbot
2023-05-17Arpwfdn.jsjs 684466b1a40741ef81c7610bb45a1313422688679a1ffa5567f95b952b4a7181n/a Quakbot
2023-05-17Bdcdlk.jsjs 8f3117513b7e26b99674159bc67c33394c9f8edbd706f072418ef3829d1aaf66n/a Quakbot
2023-05-17Wsccrap.jsjs 96c8dd3bed41858180e6a887a62d7717aabeea85d4b4315dc43ff53446c71acfn/a Quakbot
2023-05-16Mljnp.jsjs 22e554446ee4fe7cbd79d1027940577895e54174ae4d460317299fa4e18af7den/a Quakbot