URLhaus Database

You are currently viewing the URLhaus database entry for https://ninetofab.com/smro/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2659237
URL:	https://ninetofab.com/smro/
URL Status:	Offline
Host:	ninetofab.com
Date added:	2023-06-13 16:33:15 UTC
Last online:	2023-06-15 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU100132718 created on 2023-06-13 16:34:04 UTC)
Takedown time:	2 days, 1 hours, 17 minutes (down since 2023-06-15 17:51:05 UTC)
Tags:	BB32 geofenced js Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-15	document_EB136_Jun_15.zip	zip	eb7328b4dd7590b7f0c4a213e3b9e784d54c6f8fb523db1a7ba220a6b6cdd972	6.45%	Quakbot
2023-06-15	document_AB936_Jun_15.zip	zip	4d90cf91a47af509a54807fa442308e18b55334881bc81b64948b421fa607429	6.45%	Quakbot
2023-06-15	document_EF276_Jun_15.zip	zip	c46d3492fb5589695c115cfab615a04dcb51d29717f94b72179ffe381bf7e4d5	n/a	Quakbot
2023-06-15	zfk9tz297bex.js	js	44ce4c89728d1af3e1f8fa2a4209b5f686682ae335d0d1bae11bbea770564a00	n/a	Quakbot
2023-06-15	Te471AD16zDHC.js	js	e56149278cb0259f37589a92c82f35d5eb60c64fa15ee8be714b5a7a369147f7	16.95%	Quakbot
2023-06-15	cPoL775Fq8Morh.js	js	c6509127ce2f1c0896965b13bfacc45112a57a8a5262be5103025a21fe4c31f2	n/a	Quakbot
2023-06-15	6uwQh2bYu9870F.js	js	136e41825231ea8bf80c4746e27f1bd8d7757041f123b31372311238316cff55	0.00%
2023-06-15	CvVs4ynMUAZfS.js	js	96da51c6eb9995914856c5161549252f30659afbbc1f4d601ef7b2716561ee24	8.47%	Quakbot
2023-06-14	H0NxLqLDm1zsVN.js	js	a8513b04f8ba2cdc01a30214cfeaddfd1b39025c50f60629c9a4bfd71b331a97	n/a	Quakbot
2023-06-14	UD1zVNAP9biNY.js	js	4bc9ce843c4572b1ae206adc406ecba1e1c1791126cdd97b191760ad84920d55	n/a
2023-06-14	ep23vmZHvykEL4.js	js	0aa35758c916d3ad9aa747f2bff4dfc67eada01931808442857e0e8610d61b09	n/a	Quakbot
2023-06-14	PiYthxRecu4egq.js	js	c3242db5ceeb2398bb421cda160aacbce70b1a1673ebb2d643963d6d677dec6e	0.00%	Quakbot
2023-06-14	xLQyVdGMefULEU.js	js	2a272653b56b77d03cd623abe943e7f0fe965b1a381184a2e6596be9eb9afdab	0.00%	Quakbot
2023-06-14	HkS1sZKW2qHf7V.js	js	f9bf334845a79050c8648bc6d50fe12fe1ff7eaf9ccfa1b88428d8692c1d9c5e	9.62%	Quakbot
2023-06-14	anHqRHOrsmeEsx.js	js	62458c460bb0e428d772b86e5abec6449defbb88b380cfc79d9a34936fd3f00f	1.75%	Quakbot
2023-06-14	ZU6X7uFnLfON.js	js	08fcba4bd4294f71d9703bdfde10ef905083c55eb4288959983ed7e7dd2b0d18	0.00%	Quakbot
2023-06-14	VqwoObEnguUAB.js	js	9699fb4b5a460c02d05f85377271191d39ea526f91add8dc6dc2acfb74daefbf	0.00%
2023-06-14	B2qQrZh97Vfe2.js	js	39a742588af367f30c7bf2a1427b3fae0c2538272168039d5ff104802ee49bfc	15.25%	Quakbot
2023-06-14	drYPiOsgKA43ff.js	js	d7f93c007acdb729ac24d4761820b3ced62648e526e6371d353be39c663d6649	1.79%
2023-06-14	P7lcXAox8qup6v.js	js	5dcf3bd64484c0eff5bb252233f1bd1633f5eca29c487f0d5dc727be2ef1661c	15.25%	Quakbot
2023-06-14	2DCxkYC8wSAVH.js	js	fd17cd463af9bf449d3eb07975e3ec381c8a7608011d1e56b64d01ce8c363dbb	0.00%	Quakbot
2023-06-14	tar2RVaiYU22ZJ.js	js	62356922472019adcfac4e233a2aabc0eca414f713a656412ee5b5a77dcb4658	0.00%	Quakbot
2023-06-14	OAjjOJzMNS084.js	js	924f8b72bd671b4a7cb46cba011dc50137f712ba891f2ff6c71c1da0b07dd59d	n/a	Quakbot
2023-06-13	kyvmbiJE7M4M.js	js	c9f9c016085e20f6f3cc4ce1a2be8de531b3784c2aed172fd0f3c28b13206034	0.00%	Quakbot
2023-06-13	UQ0eWYPMBpuz.js	js	804163fe4cf333a395e170201f39fb4d515021141c068615fa14e8eabd3ab3d6	n/a	Quakbot
2023-06-13	nn1h9tZPmpBSV.js	js	bf1b90814e0e35786e9c28bf40e8ffbcbe7606b56c4914da4e3c7a27efe65abc	n/a
2023-06-13	SQpYg9aMcNQvc.js	js	e918e17a0a639c0f284a76059249a8398b71eb09bb54e4409fe6ae526a332431	n/a	Quakbot
2023-06-13	F5WaGVReLXmi1.js	js	3dc6376b466935f3e4274c9b2512a32fbf78081607bbb34764f18674b3f487ee	n/a	Quakbot
2023-06-13	2FukacFlvexweJ.js	js	26edb88e39fd3f75356de8be4c5a88f201e508dcee7e4674559eac50932abb7a	n/a	Quakbot