URLhaus Database

You are currently viewing the URLhaus database entry for https://perutrek.net/dt/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635802
URL: https://perutrek.net/dt/?1
URL Status:Offline
Host: perutrek.net
Date added:2023-05-17 13:06:38 UTC
Last online:2023-05-19 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-17 13:10:04 UTC to abuse{at}bluehost[dot]com)
Takedown time:2 days, 8 hours, 45 minutes Poor (down since 2023-05-19 21:55:32 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-19Ktorghej.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 25.42% 
2023-05-19Lupxautn.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 23.73% 
2023-05-19Yjyyy.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Aailyo.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Fjeixnq.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Bytbtqvi.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Xcvsehh.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Metb.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Etgnmejo.jsjs e463d828275eb5f9791b1726a57f118f81137f31be86826c718b8a71e82349f3n/a 
2023-05-18Vgvpgijr.jsjs 0b7fccf63d874ff825b5a3e790311b7dd0923c82b142520db78f43a8191e9216Virustotal results 22.41% Quakbot
2023-05-18Hkhewxj.jsjs 43b5fd987f46196b07b603e95e51b7c7676ad0784f913f1b136dcf29bb46e808n/a Quakbot
2023-05-18Rniso.jsjs 35a99626b0db91409ed1ac874964033c1490a20549ae611e95fa7f81dbd98d44n/a Quakbot
2023-05-18Acrpxqoh.jsjs 502aa2d56dbba3e18971b863336aff4b696a67a0935ca0cc3d9186a3c2c8550bVirustotal results 32.20% Quakbot
2023-05-18Beet.jsjs 875bccb572b756073e35cf697abde47c18a8fc4156b093bd6d229ef766faed99Virustotal results 28.57% Quakbot
2023-05-18Hsmd.jsjs c7018ff287088c076eb317d0b9402bc9dda25e832c0b205e91a3aeef7468bcd4Virustotal results 33.90% Quakbot
2023-05-18Xpjyhb.jsjs 8116e7914df0a4fae9adad12da668660206754557fac016131c53fcd305d537fVirustotal results 32.69% Quakbot
2023-05-18Cwcrnlep.jsjs d1a92330c8f58a18b81d7ff1a9ea348b205fda7b106c31a2d1e09764a4557fa0n/a Quakbot
2023-05-17Awftz.jsjs 6cb675336525f3ee63666c008f21faa80acdb6e41fec92d7d75201b385880e2cVirustotal results 30.51% Quakbot
2023-05-17Bknx.jsjs cc3f6d63f84cc1a94c7b2a3942b9e0df2af0f247cf2a81b2ba18f33ce401310dVirustotal results 27.12% Quakbot
2023-05-17Cdbhxygw.jsjs 17c72916bd400a92cce59ce208e3dc0e55b97f9b3926f0819456072bfb9090efn/a Quakbot
2023-05-17Wiujfva.jsjs 0b38200ce89d27eea5fb23346b4015cb585d0af5fd4f176a7c9bdb20ae369a4eVirustotal results 25.42% Quakbot
2023-05-17Lsylokh.jsjs 35c35c65a46137ab025bfda60be1ea1c10a10b9cae6e337415b9c7b2ebd3df3en/a Quakbot
2023-05-17Kxbi.jsjs 819e1677a9b83e3e2c5f43d5b2dc0f2f54147bd8257c067505fb818330efc68an/a 
2023-05-17Ekfignxb.jsjs b95a6f4518de9f894317d0fe03a9dbf1132ea5b5053e9f11d63ac0746afde62bn/a Quakbot