URLhaus Database

You are currently viewing the URLhaus database entry for https://shalamasonry.com/tei/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2635752
URL: https://shalamasonry.com/tei/?1
URL Status: Offline
Host: shalamasonry.com
Date added: 2023-05-17 13:06:30 UTC
Last online: 2023-05-19 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU100117232 created on 2023-05-17 13:07:24 UTC)
Takedown time: 2 days, 8 hours, 8 minutes (Poor; down since 2023-05-19 21:16:07 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
