URLhaus Database

You are currently viewing the URLhaus database entry for https://sirinatureroost.com/lft/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2639590
URL:	https://sirinatureroost.com/lft/?1
URL Status:	Offline
Host:	sirinatureroost.com
Date added:	2023-05-23 13:07:33 UTC
Last online:	2023-05-25 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU100120251 created on 2023-05-23 13:08:23 UTC)
Takedown time:	2 days, 8 hours, 42 minutes (down since 2023-05-25 21:50:54 UTC)
Tags:	geofenced js Pikabot Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-25	699.zip	zip	9c8ce2f62b6a79e61c183b11227c9b9e0b3e9bc38689ffee87ddaec9e2dd695f	n/a
2023-05-25	388.zip	zip	dc2e5bff4402a480559d6a33d774b35860b13b49db3423ea32bc44bfdd76fe55	n/a
2023-05-25	557.zip	zip	d0b37dd136e10ed9e2d464b4dccaff0999b600bdfc09a4d361c9eaab579b3889	21.31%
2023-05-25	494.zip	zip	c79d3fa03186207f3c442ec766a94e930c04d9f1000812b6ecfa253ceb1eae99	n/a
2023-05-25	300.zip	zip	4675437596a6be9219439a4a0f578f6adafe894d72595798a055d88dc04069b1	n/a
2023-05-25	502.zip	zip	6655567cd9c19359a968fe4f4cd3f383a5476572fa207b3f1872ac1e0e28fd2b	n/a
2023-05-25	BiscuitmakerBol.js	js	0d4d53637b081da9439379cadb58de752c3179053ef48a7a26659c097886dfa6	n/a
2023-05-25	HonouredHorosco.js	js	8a91d818b16e819f8323edb2a39d3994716cfb21d32d20498fa04ededb8c0104	n/a
2023-05-25	Cramberry.js	js	3d71570dea448faf35147af40f1e105ac80a848b5cc63836cb66f95ad3821998	n/a
2023-05-25	Satirizers.js	js	ea91e23e26a543621643f131fdc13dcf99b8b9347c204368427ca1d3450ae248	n/a
2023-05-25	MeliponinaeHill.js	js	61e253472f24a3f3e7139d6245162e0fe7cc7fe1bdcb4ae001032215c24f64e0	n/a
2023-05-25	raspingsSynalla.js	js	0cacd1266a8d2584521a53ea71fdb5dd8e630abf01d4656f2d9a6cf9861a1c74	n/a
2023-05-24	unconditionalUn.js	js	b0e2e3285c33fca6cea242c3dcde33814546e13243ce8442884e0f57476d0947	n/a
2023-05-24	Begged.js	js	308c65035b5576473c1f84ce80047c6c405a4d37270c2f20f4c79b50a59a1910	n/a
2023-05-24	Pronymph.js	js	6d4bac18f363846b0ee68054e356320a261417272135be5cbf2571ce25f6d051	n/a
2023-05-24	SecuritanKingsi.js	js	a51cf367cc9c0c3f1647df3e15fc5d1a9ebc5495c0425f5a995af769ecc9e6d3	n/a
2023-05-24	doc_F012.zip	zip	d7bdaf20d281216c549682350555da9f3f769d4f3e94c20292be05b381bc5076	24.19%	Quakbot
2023-05-24	doc_E856.zip	zip	113ffd8a2a7e0fe20e28f32ed9c7255359131ad0a735cf3c2fa8429ac62adf4f	n/a	Quakbot
2023-05-24	Applesauce.js	js	313a1495076a436838a377e9b64ff864b2899a1dd4d3209f50882b70756e10b8	28.57%
2023-05-24	doc_A692.zip	zip	70c64f80f182893c3cc60b409a11cc6a6752a709acabcdaa5d5c0108218d664f	n/a	Quakbot
2023-05-24	Omnirepresentativeness.js	js	e1c37d5d15b95e5e9cd29ac440efd032ea23fe5436ac30f0db2324861c85664c	n/a
2023-05-24	InobscurableOrthis.js	js	8c78bf286dd5d2bfde080d3de84f50b8b3415a7679e7507473c9c8c6b75bfde5	n/a
2023-05-24	discustomAppellancy.js	js	f6aaee500c0574267fd14740ce74f467586de7be247a8c07e6cc31e366a8ef28	n/a
2023-05-24	MarinoramaKnapper.js	js	f2d4bedce3d86bfa1a1e8d6adf2e6ea7580f6734cb225fc42a0e28748f84e065	n/a
2023-05-24	croisad.js	js	a5d000284a3a6b55e5901b0ab99f310dcae76f0f11fde950795f27d8d9be0a1c	n/a
2023-05-24	Topato.js	js	30094f8b35db48dcdf157aaafdd896585f12bc552c271a72af3b5a57d1de3489	n/a
2023-05-24	landocratBussing.js	js	9eaafd7dad0fbf11ab295e571cd47b49aeabd9ea6884a540b8fee008390da9c1	n/a
2023-05-24	cunenei.js	js	0768da4dea293086bcb34dc79559c60fee166a1e1f0abadd0a72a2532f6c426b	n/a
2023-05-24	unhuntableIndoctrinator.js	js	96dcf99d67b859e9ca3b46cb9a830c06102a1700c0addafbd0bc3f306bbd316a	n/a
2023-05-23	ornithoscelida.js	js	fcadd721bf2f3c84503276f567a2e56a5ca2fd53fc76f1dbcdf19f90af08bb6a	n/a
2023-05-23	Fogless.js	js	0c7885ad0774cb84096770cc68cca03b4e5a866a6972f0a14a56e74ed8ee94ad	n/a
2023-05-23	ZizzleCrottle.js	js	fb8d9189c4b58578ef6e39fabfbe74f1524b54687a26e7cadd49c8d0c607c6ab	n/a
2023-05-23	Unappealingly.js	js	55030983b4a3894c4c61b05069f3a066b61d1f7eb34133d4dc110e9a5485f5c6	n/a
2023-05-23	Subsecurity.js	js	833f365aa0a2663b154310a3479117465b7c35486428075daa5dc968690d4c2d	n/a
2023-05-23	Perithecial.js	js	6c63ece70256e255c8de3fcc2fbed107ef251b0c95184fbb5265c57f2ee84a98	n/a