URLhaus Database

You are currently viewing the URLhaus database entry for https://alkouser.com/duu/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2659256
URL: https://alkouser.com/duu/
URL Status:Offline
Host: alkouser.com
Date added:2023-06-13 16:33:17 UTC
Last online:2023-06-15 16:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-06-13 16:34:29 UTC to abuse{at}hostgator[dot]com)
Takedown time:1 day, 23 hours, 48 minutes Poor (down since 2023-06-15 16:23:04 UTC)
Tags:BB32 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-15document_EF746_Jun_15.zipzip 4b4875983327cdba73fc3510038c49be29061cbe57854ddeb3a7f32e66252991n/a Quakbot
2023-06-15document_BE875_Jun_15.zipzip 71aac931fda487fdef4fe1d3b095cf3ecd78eb6028def015a1402b662157495bn/a Quakbot
2023-06-15document_ED917_Jun_15.zipzip 9c8cf06698e91db48b48a9f0a4a4cd2a36dba098173c6e852015e032b84bf51cn/a Quakbot
2023-06-15o0wNx0mowAheM.jsjs 6ffbe5a82b8827796d3974e17596e8fa43db3c579bb21e84887ce065145e34bbn/a Quakbot
2023-06-15rT0NEVZAzqz5tc.jsjs 9f03fde8c3006707d1e2033c3fbdfabe897770e619c29c97dd59e31add9c0f9an/a Quakbot
2023-06-15FYrCD5HjD3kJaX.jsjs f0e05a54804ba6dd3c861013404bb029face05928bb980d2e8b9d8fac32f43f1Virustotal results 0.00% Quakbot
2023-06-14wYlhhzElbSSpy.jsjs 54028e894dd48268a588562e0864a85970ca56788af10ba2474af3ec3a3fec22Virustotal results 0.00% Quakbot
2023-06-14fNjcIyZtSpMfS.jsjs d875228aa95e7972a6dc7f348ecb7901e7eff13651c6eac111b7615967201519n/a Quakbot
2023-06-1439XosXtAqSN9.jsjs 5e8f705edace298a3fa06aa1c511640747f8fe0435f2059e528be5b40d82ab68n/a Quakbot
2023-06-14docu_BA301_Jun_14.zipzip 197c2db0857bc2cd2b24856ea3966173990489709337aa4a3bce6ce17e9e9b22n/a Quakbot
2023-06-14SDE6rwvn0gPlmh.jsjs 38366372c790cda6ca1c286ae922e290d34fc010d76004b18a9773f165e96b52Virustotal results 15.52%Quakbot
2023-06-14cW0i4FvDUQOMc.jsjs be8bda9b2381310721ec9c6984328de60aba2660ca5c45193af121363547cae1Virustotal results 0.00% Quakbot
2023-06-14IPlWrbQZlcxuZ.jsjs 5bd5540f6d3a9e5c60722dc3244db3c1458ca0614f1355bd03120b5b5679f99fVirustotal results 1.69% Quakbot
2023-06-14EE22XfspgzgfbF.jsjs 59eb669a757058561ea4c07b922431289017a7bce6a4f8a1fac76b85c30ece5fVirustotal results 0.00% Quakbot
2023-06-149W4aPVNugXYk5.jsjs ed82fc7a3017a0f4a0dfc33f46ba8e4ded77a271124ad483de1211c8ca3ba03eVirustotal results 0.00% Quakbot
2023-06-147lM6oR0kNKez8f.jsjs 1e1217449d7d999b39a1c6d11b8e22e7e5b66cea10f423c322f9f1072e178a7eVirustotal results 0.00% Quakbot
2023-06-14x1R7kjBcHlBvwD.jsjs 780b7a66bb9b05d1a3f2995cb0878c3f03f9e0857f1b2b2d1eab1304c4735e16n/a Quakbot
2023-06-14sL525ZOVSkCv1.jsjs 9df95efbc4e258fa1d2b4b3bb15abaebd1044a1c52aaaf506457523a40fe9a13Virustotal results 16.95% 
2023-06-14Yea2QDFuLFAR.jsjs 67076bab342d29b913071be1cd29b60d1800fda7c0f4379f8f5adfb4e3b6f0cen/aQuakbot
2023-06-13bJQrQIPQrhCO.jsjs f3c89b57ec700157818293b4ab3cc6998e1cc99bce9e06431180baed8e8f8333Virustotal results 0.00%Quakbot
2023-06-13v9r9uYCeoTe1.jsjs b4a8b583d41a21ff7972851dd6f0f38096101909cba59db3f204f0b9a19cf146n/a Quakbot
2023-06-13Dw9oG90uWY4wL6.jsjs 8b6c27383170e8257c1b3dd1ea763aefbdc57087a182bb3684fdca4c6b99c404Virustotal results 0.00% Quakbot
2023-06-13Qn7DqtRNohDm.jsjs 9f3de48d50ae11c8416b11db22eca5f04706871ac6c58bc9ab556b5947e3ab55n/a Quakbot
2023-06-133OOhVGBfyaHnl.jsjs cc049dacdc64957bbf78ab648752227d2466c211ffd79afd2e121afa29679535n/a Quakbot