URLhaus Database

You are currently viewing the URLhaus database entry for https://klimabilgisi.com/te/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2635837
URL: https://klimabilgisi.com/te/?1
URL Status: Offline
Host: klimabilgisi.com
Date added: 2023-05-17 13:06:44 UTC
Last online: 2023-05-19 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-17 13:11:27 UTC to abuse{at}godaddy[dot]com)
Takedown time: 2 days, 8 hours, 30 minutes Poor (down since 2023-05-19 21:41:49 UTC)
Tags: BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
