URLhaus Database

You are currently viewing the URLhaus database entry for https://pokharavalleyschool.com/ai/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2646523
URL:	https://pokharavalleyschool.com/ai/?1
URL Status:	Offline
Host:	pokharavalleyschool.com
Date added:	2023-05-30 16:51:06 UTC
Last online:	2023-05-30 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-30 16:52:22 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 6 hours, 2 minutes (down since 2023-06-01 22:54:21 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-01	document_D079_Jun_1.zip	zip	7572ef614ebb7f74f38fd69400874ec336df1e0ff9a21b293cfa3510399e85f1	21.31%	Quakbot
2023-06-01	document_F027_Jun_1.zip	zip	7347647f669fa6c9fb26e2c201d4d4e527768cbda3bfc5733904ec6c0c92b6ba	20.97%	Quakbot
2023-06-01	document_B342_Jun_1.zip	zip	183e1139e7e54c6fe2272d51d2dc2c3169e865c95aad2269b62ec93b1ca3896c	20.97%	Quakbot
2023-06-01	document_A703_Jun_1.zip	zip	b8565576e91ef87f28ed202c38d4363bec4bd011f9f0ee3a2a94a5189d466d81	19.35%	Quakbot
2023-06-01	document_A578_Jun_1.zip	zip	4d577a319853f19218977056ad73ded9a17a4446ee4c57fbe81d180557e34974	22.58%	Quakbot
2023-06-01	document_C806_Jun_1.zip	zip	9584635c5c7de92f7a999be9e4e674e272d3309a0e6d9d8b71c7a81fa22c4cd9	22.58%	Quakbot
2023-06-01	doc_B597_May_31.zip	zip	eb365df8ce5a6502f512c58ff09bfbe292b7a4cba48464251b29b800fccc5915	19.35%	Quakbot
2023-06-01	doc_E147_May_31.zip	zip	71211fc0014e02a615e2d2517d0a180b35a01952dfdf041d0fc2e861494c16b6	19.35%	Quakbot
2023-06-01	doc_E058_May_31.zip	zip	4542f12b012016af7f70a15f3cb509f2a4fa4f1ec4f86d9c754ddc6636780cf7	20.97%	Quakbot
2023-06-01	doc_A826_May_31.zip	zip	3424a79769fa1d3a3d4af96955dba993ff6844b51423aec419a36ec42989997e	22.03%	Quakbot
2023-06-01	doc_B834_May_31.zip	zip	61f397d01e6bbd4a01b3c38d1a2dcdfbad1827ca9ff61cabc856d43878d5f735	19.35%	Quakbot
2023-06-01	doc_F186_May_31.zip	zip	4cdd6aabd5b9f60d42e9e84fe7d3dedc3f8d8bdda4f6de97b1c7d46581d24219	19.67%
2023-06-01	doc_A469_May_31.zip	zip	fe2702c7fba6f805b882937698957392771d62f50f455595a7fc385d7daa2ce2	26.23%	Quakbot
2023-06-01	doc_F452_May_31.zip	zip	2567c61e2bb6b5974acda3bd37a76ca0c2b57c7394622ea09bfbb90e73fad64c	19.35%	Quakbot
2023-05-31	doc_B704_May_31.zip	zip	40fc410111e7371671ca8f271a0a0ecd29ab5149a8ad1d63ad959ee21373056a	20.97%	Quakbot
2023-05-31	doc_E014_May_31.zip	zip	c43635beb4825f63a795a0c051fb0c4062230e7ccbbcb1b6952ced4632d96699	20.97%	Quakbot
2023-05-31	doc_D673_May_31.zip	zip	7b5d2abc67d22a6185eb11cf5602d758f161647bfc9cac8231e9af645debca97	19.35%	Quakbot
2023-05-31	doc_C063_May_31.zip	zip	95a95fcdd9ba862dfe8ebee2bb155b8c0d9a7c10de4fda202bbeca4dcf06f387	n/a	Quakbot
2023-05-31	doc_A159_May_31.zip	zip	f8b0785430a4960ed443ca1be9f3fb262d5fcbf79c88b9ba3c508038c8ca2dd2	n/a	Quakbot
2023-05-31	doc_E815_May_31.zip	zip	0888beb6a83aee535beb30b7366d2f97451b878d6f9183faf394df00536f391f	20.97%
2023-05-31	doc_D045_May_30.zip	zip	935a00b0c31ea83161a21b8f684ff440362e0adb97bddbc6cef96297b1f52399	17.74%	Quakbot
2023-05-31	doc_D035_May_30.zip	zip	077501bdfd0c8a7b289f59cc2826803a43a35bfafd0eeea4b6e800596dd36c99	19.67%	Quakbot
2023-05-31	doc_C413_May_30.zip	zip	5ca8c9840cf72649809650b6439efaefd839c960ab31ffba92d79a7acef46831	19.35%	Quakbot
2023-05-31	doc_D421_May_30.zip	zip	94a180c38a699fdc1fc60c0d4f0067b57781b30a5a53fea6d5a58c0531fc61b3	19.35%	Quakbot
2023-05-31	doc_B924_May_30.zip	zip	3b46a0f50840ef9b4716f486e700d99da313ec8ec7f9efc1d08687a7bf449431	18.64%
2023-05-31	doc_C496_May_30.zip	zip	9c5dbac6625a15ae0a07b441c9fb83b1c828252b83ae62e61f9189eed3cdd2fd	17.74%	Quakbot
2023-05-31	doc_C039_May_30.zip	zip	65622f8621c4e612e5649df047242f2c9e52a3696d95c0ba0c9caf1d4b956c26	19.35%	Quakbot
2023-05-30	doc_A816_May_30.zip	zip	3a333929abbe5bbda9fb1e7531e92e1ac8b06fd171970a2d2318f296cfc6ca6b	20.97%	Quakbot
2023-05-30	doc_A683_May_30.zip	zip	4656008e7ea29a54d6a79303a71db86aba3e5ab2723bb215aab0fec4689e0485	20.97%	Quakbot
2023-05-30	doc_D158_May_30.zip	zip	b4f06720468b01a4e673ea2615c9a1f8dab8e90cbc9fd0d7cb7fc6a186ce37e3	17.74%	Quakbot
2023-05-30	doc_A572_May_30.zip	zip	a7e7a7271bf1aad5b20da42e08755d4529ebd9861b494f60ca6005ffe4ef4848	n/a	Quakbot