URLhaus Database

You are currently viewing the URLhaus database entry for https://mandastowing.com/tarb/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2640185
URL:	https://mandastowing.com/tarb/?1
URL Status:	Offline
Host:	mandastowing.com
Date added:	2023-05-24 14:13:21 UTC
Last online:	2023-05-26 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-24 14:15:42 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 8 hours, 6 minutes (down since 2023-05-26 22:22:20 UTC)
Tags:	BB29 geofenced js Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-26	47.zip	zip	6e2884057d5577d3b8eab31c3dcbb6a1fab5102f8b7d96d6cfa159b95fa6f653	18.03%
2023-05-26	385.zip	zip	96babc11de2ad7b42875e18d7d56bbc4540e5977dd8c6f8fc46f39a269a4e031	24.19%
2023-05-26	111.zip	zip	515df0b1d428f256012e619603d4749df4107e7798bde1756ea69f55e74596a8	20.97%
2023-05-26	866.zip	zip	8400b67554821fd30b4123f0da7dede0e03166cab7d625f7a7c9edfb4d7267f1	24.19%
2023-05-26	332.zip	zip	0255661eb22cc380a5933b5e9eecb86e71160c997e687c6b6b5e3309febbf77b	17.74%
2023-05-26	508.zip	zip	cd01595613caa14c0cef1ef6503fb9eb8dfaa5371f973f38f14c83479cc00c98	24.19%
2023-05-26	311.zip	zip	b6336a18ef4d6f54be43f18725eab4b1985ba1a9e30ad1e6a53c2604d0918b76	24.19%
2023-05-26	826.zip	zip	f7afcb59fe3722f4c82b706cc0d7aa12edb56c6186515ab696fe130acc1f0aad	20.97%
2023-05-26	545.zip	zip	c0dc7a065cb3ef184107f4e4ccfc8de47cd5d740ce8983a526ae83ef14c69b21	21.67%
2023-05-26	581.zip	zip	9fdeb2d54801b5c563bf6bceb7ab2543766f3bb746b91a2dd535937c16d0938a	19.35%
2023-05-26	691.zip	zip	988483556d746936ebd67ec91a3cfa338fe93252d31359b3f761101238812e56	17.74%
2023-05-26	141.zip	zip	9589db472afa4937d9200cb5d74d0f28c6119d5c10af6d6db89e09968bb0069a	19.35%
2023-05-26	44.zip	zip	0c032e1e46131e493f4580bb3574abbb98cd4e9b75d20a0f3c22f886516912d4	18.03%
2023-05-25	172.zip	zip	51dc6ccef2d8313a5c821299f3ee51ad5c6c308d9afec6babb6cbabf1b235510	24.19%
2023-05-25	647.zip	zip	5ba646c4fc3efb85b12c6f5b8a45d29ea1349a51476ce3a5aacb4c2c9d99d397	24.59%
2023-05-25	61.zip	zip	bb7657eb866a7c0cbd895d929aab6923dd2caf564e52159487acd25d6f4434fa	n/a
2023-05-25	45.zip	zip	d5723b112249f99714a344883f518c39ec1ecbe22f2a932d2fc051938d20cbf9	22.03%
2023-05-25	254.zip	zip	583d8e4c2ff11c2b6dcffe7578970904b74a4bc2d98e7ad3de7cde6b132033ff	n/a
2023-05-25	477.zip	zip	6cafc660598f52c635b89456f8879e9c609c478f5863aa98dac35bb7e3029c4f	16.39%
2023-05-25	913.zip	zip	e3896925df4c8e327824b165b9dd983a70b23f0419908ea3e0ba4ab14a4fb501	n/a
2023-05-25	309.zip	zip	27b44454a4b73bcb3611d7ac0282bd01e0b59b8aada5857b65eace01c9904ba7	n/a
2023-05-25	Noncongestion.js	js	c409c58b53046657f4085b676524be7dc89ac5f0e821633bed08a6c290ab0c3d	n/a
2023-05-25	Deliciae.js	js	93146f738ae018e794531fece2ea9db12d9e668e72cf9f0e347002c19018bff5	n/a
2023-05-25	PrevetoesUnnece.js	js	8798d43ea95e562ba477551f800e7c6838ff941aca476271578466065e7f30af	n/a
2023-05-25	TravoyOutturn.js	js	1ee248e54bdcb97750f1d143c79014d6f951f7e9ad8d1089ef9559b7f59552ba	n/a
2023-05-25	MulctsAgriotypi.js	js	41f9823d06add14768769f983e7eb7d7d2982615a51449ef2f5e19cbca2c33f5	n/a
2023-05-25	daylight.js	js	21c6bb3b1d28637e733f1e075833b192fea308a6763ddf1427be95eaed5b6b1b	n/a
2023-05-24	lucific.js	js	531e0efa7a0542282d58c36a6561d57ef6c25956dfb525e3a3f838a627cde048	n/a
2023-05-24	overdelicatelyD.js	js	44482b55ae27280ad24e135d7032f30f3a9f13291bf88e9991b2042603c8b6a3	n/a
2023-05-24	ManualCrevalle.js	js	c87121b167393d39fe42809004f4672f1749dbdd6892e7512de74ad180ca8d6b	n/a
2023-05-24	crackleware.js	js	fa4181aaf5df61175a2d8e97a9687c734ed87611eba0f478da5ae679b0533f0c	n/a
2023-05-24	doc_C748.zip	zip	e4cd2c7fb4c8716ce47307a6daa20bdac751374715c9b0f5a8dc364d8657bee3	n/a	Quakbot