URLhaus Database

You are currently viewing the URLhaus database entry for https://playhave.com/ei/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2645698
URL: https://playhave.com/ei/?1
URL Status:Offline
Host: playhave.com
Date added:2023-05-30 12:09:29 UTC
Last online:2023-05-31 23:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-30 12:12:00 UTC to abuse{at}as45671[dot]net[dot]au)
Takedown time:1 day, 11 hours, 7 minutes Poor (down since 2023-05-31 23:19:05 UTC)
Tags:BB30 geofenced js Qakbot link Quakbot link USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-31doc_C850_May_31.zipzip 69b83393460a626c784189285cf23b6786f8c9fb8607af4f44c4a7b7392647c3Virustotal results 20.97% Quakbot
2023-05-31doc_A648_May_31.zipzip a182358d474d073ee4b01d31dbcfe5d074c8a317d981293482a3eab7f8f756eeVirustotal results 20.97% Quakbot
2023-05-31doc_D102_May_31.zipzip 5ea41f655acedcbdfd9c7216fc3cb9d94145c0d08c29ca8593ce36650d6a3afcn/a Quakbot
2023-05-31doc_C315_May_31.zipzip 667d68b9d8e8db2b19d435e6e90f37b8705acd723b473ff4d5079f7523e53a57Virustotal results 20.97% Quakbot
2023-05-31doc_F541_May_31.zipzip 7da83550b74a66d908377c674473d9f8eb7c62107a1c65e5904310df8768fe14n/a Quakbot
2023-05-31doc_B201_May_31.zipzip b0efd76f49fa9cde33896e49f1298b99564dabbee824b21818c4ea4b5f4d372bn/a Quakbot
2023-05-31doc_E475_May_30.zipzip b18e2b57b64ef8ce09a6bb386d6c4f6d60a8c4f49869433b626882144640c369Virustotal results 20.97% Quakbot
2023-05-31doc_A259_May_30.zipzip 3ccfa9c3d6e56c150cd496b54a607c18ccb2a8c43b01716e491186f2edb579aaVirustotal results 19.35% Quakbot
2023-05-31doc_B473_May_30.zipzip 30074f7d3ea7d221de3bef746d9429513c86a2b10cba313c6566fcc75dd3934cVirustotal results 20.97% Quakbot
2023-05-31doc_E310_May_30.zipzip 3d4159a9357678d127590d2e54a98e1c186c9912763dbed181366264b19b12ebVirustotal results 19.35% Quakbot
2023-05-31doc_E316_May_30.zipzip 9e90fa396766892082adefec4ee2dc1c350d6a589619cb24dfdeaa086a6a155cVirustotal results 17.74% Quakbot
2023-05-31doc_E253_May_30.zipzip dc5f2ca7698f9ebbd750be90c37e828200a47a8b75c64e051649fec7e3a0a667Virustotal results 19.35% Quakbot
2023-05-30doc_A479_May_30.zipzip fa5192d456f4249b69d2f115035852cf9e1c87aa8a34cc67c849645b7ee653afVirustotal results 19.35% Quakbot
2023-05-30doc_C496_May_30.zipzip 9c5dbac6625a15ae0a07b441c9fb83b1c828252b83ae62e61f9189eed3cdd2fdVirustotal results 17.74%Quakbot
2023-05-30doc_C862_May_30.zipzip 44f8fee6e4c97b11521a1290779e50341cda1e895236585ec0fc43c3356a530cn/a Quakbot
2023-05-30Cancellation 679733 May 30.jsjs 849f00dab466a34e991c6a3d8ddbb2430b3dac4f7eeae4f9b889271ab691ab83n/a Quakbot
2023-05-30doc_D482_May_30.zipzip 20a7865786811e7b21df3cc2a27dc5de844b18c2f308d6958202ad98f223bfa7n/a Quakbot
2023-05-30doc_F843_May_30.zipzip bdf4e9e027f77d4957a27005462aabc27b2e8ab69675fa66baf61010b9ac5b38n/a Quakbot