URLhaus Database

You are currently viewing the URLhaus database entry for https://rocketscience.com.br/meu/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2659342
URL:	https://rocketscience.com.br/meu/
URL Status:	Offline
Host:	rocketscience.com.br
Date added:	2023-06-13 17:52:13 UTC
Last online:	2023-06-15 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-06-13 17:53:17 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:	1 day, 22 hours, 22 minutes (down since 2023-06-15 16:16:11 UTC)
Tags:	BB32 geofenced js Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-15	document_EA130_Jun_15.zip	zip	301adbea0798d98ab20d66fa7dc8035ca9799b04140ac7cae8bcd4ed714ffadc	8.06%	Quakbot
2023-06-15	document_CA182_Jun_15.zip	zip	01ab266bad02db4aa2179d95d07ff29c4097fb1114f451ab48b0d5e96ff496e0	6.45%
2023-06-15	document_BC821_Jun_15.zip	zip	bfc77b452cef9bd358c5720eefda9fcc36870e94b6c16391a211331d361a8fd3	n/a	Quakbot
2023-06-15	ayUq6VA1IY9YSQ.js	js	6af25ceea2b5b8b61576d10d749f23f017c4318400fff3e8cc46824c18b10850	n/a	Quakbot
2023-06-15	YUtF1peCcc4b.js	js	c90272f44857f85a41787bdd9ae40cdf04e53de0cf01c632e32de00f07406c18	16.95%	Quakbot
2023-06-15	5ChLGgdMzPsMN.js	js	5f84f210857c549f065b3527e79b5cb698140b770781cdd4d2495429cf2d2a7e	23.73%
2023-06-15	mon1lynATyRF.js	js	491a9bdf1803b922409031a5e84e71d78b890aa69a42324444d7ac9acdd99971	n/a	Quakbot
2023-06-14	1oiyz5Wly99v8g.js	js	fe87d532372fb4f78feca368b18a5a7008787ee4f107a748cadb1f4bec13a4d6	n/a	Quakbot
2023-06-14	kKKflVIHrXMnP.js	js	4e3a6078184907ae7bd25d2324a1d4d3122216559c0bd451056a374d3eb29986	0.00%
2023-06-14	7yQCGFu2m1Xc.js	js	69431eb1fb446dd86c0e155746b816da3b91ef8b46df063ab17c48dcd210549e	n/a	Quakbot
2023-06-14	docu_CF097_Jun_14.zip	zip	0a996d5b05d81fb90a9d9d59e5477fa060cdc0c5a57c1012eb3dac5bb9e49400	n/a	Quakbot
2023-06-14	7leyLefUWx2sdf.js	js	0ec076e646a6a43d641036e033a038fe774efb92da652b618515c35f7aea76bb	n/a	Quakbot
2023-06-14	SVBnaxZLzhrhkY.js	js	a1b497bd1aced6b5fee5f8047389f7ee2356a9a964c8e5ecb4456cfdb4e66b46	15.25%	Quakbot
2023-06-14	F5WaGVReLXmi1.js	js	3dc6376b466935f3e4274c9b2512a32fbf78081607bbb34764f18674b3f487ee	15.79%	Quakbot
2023-06-14	LBwdkF3na7Y2.js	js	978259ac07ee66dcc817ab3d39ba82672a31ad51ebdfcf56024bba26859dbaee	1.72%	Quakbot
2023-06-14	nmV4mshfVwKnFB.js	js	784399d6d2e3875a39ca8acaabbdc39a65ab09bb8ae606316725238361ff2257	1.69%	Quakbot
2023-06-14	JG5BHo4wzSVKz.js	js	7841a17722296c7ab0cef5982fc317916d62b939bb8b350643eade96ac5ff9ab	3.39%	Quakbot
2023-06-14	e0RDWV3G9aAC.js	js	27caea170dece7169f1c5d9778c4c23a6b2d1e05518aa8b5f643349f20ae0ab9	0.00%	Quakbot
2023-06-14	tbzDKn7mRpEE.js	js	344a1e9b38709ad5b49622515847a46e9097620d10cd2ef55242fb68263b518b	16.95%
2023-06-14	drYPiOsgKA43ff.js	js	d7f93c007acdb729ac24d4761820b3ced62648e526e6371d353be39c663d6649	n/a
2023-06-14	XrCUi3s7h57d.js	js	958342a90502bd278b7e87d0eaec2224d8b4856a579385d30092496561d6638d	15.25%	Quakbot
2023-06-14	RF6RkjbXoHHSH.js	js	cb3e1f933184aa926916c16ca694a0999fe40084d1e5c337e8701a14e1945398	0.00%	Quakbot
2023-06-13	r5cz0pEHb6ArN1.js	js	5eea81f407b155be93aa48edd476f92d55970ae0345c6050704e37a100797936	n/a	Quakbot
2023-06-13	G0b66yOa9kD3v.js	js	b963868d82f7d86824006963e689109a63d9a98c5531e84a90bb2d25071b15e8	0.00%	Quakbot
2023-06-13	ia1PXomRcyyS1f.js	js	022a002f99460822964864476d3d9de4dabc165556d9cc242d6bd7037e02e4be	n/a	Quakbot
2023-06-13	QfpFkvvNhO7S.js	js	457a814a86507539b3cba66c89ffef0fc5a9368981ef445f27813ccb05f2743b	n/a
2023-06-13	EE0XR2vPjygZ.js	js	62e19a10016116eeda057ea57be07429e37d899d590237a0066002722f46bdc8	n/a	Quakbot