URLhaus Database

You are currently viewing the URLhaus database entry for https://marebole.co.za/um/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2659364
URL: https://marebole.co.za/um/
URL Status:Offline
Host: marebole.co.za
Date added:2023-06-13 17:52:19 UTC
Last online:2023-06-15 15:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-06-13 17:53:40 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:1 day, 22 hours, 0 minutes Poor (down since 2023-06-15 15:54:31 UTC)
Tags:BB32 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-15document_DC168_Jun_15.zipzip d71653e41510add6260f96645705b4ab0cf4ea9dec940df9ce9963879c727e21Virustotal results 6.78% Quakbot
2023-06-15document_EF829_Jun_15.zipzip a33ba239f5afa262fe2a62b50a2d0c2a422c59ef480c623b45d733377e6263f4n/a Quakbot
2023-06-15Os66u2JenIQCgj.jsjs e4adf95657c8d9ea0302f0911cf65e7761ce3d4e8ad81d1bee57f371fe8b24bdn/a 
2023-06-159aWBGR1yRTw7z2.jsjs 3479f8d2e553cb45bf30ca6891512313eca9e6cfe20be44dc1f23a8a3ffa0c94n/a Quakbot
2023-06-15d4gLqx4gYBpK5B.jsjs c34a56a0f2d0162505b9f3fbf2b4579377a7765111fd804b3da20caaea2dee6dn/a Quakbot
2023-06-158e8hakHQaVFjY6.jsjs 32b74b9aef987c063929ea9e21295eef0516feb573db81131ad17cc4d448a1cfn/a Quakbot
2023-06-151oiyz5Wly99v8g.jsjs fe87d532372fb4f78feca368b18a5a7008787ee4f107a748cadb1f4bec13a4d6Virustotal results 3.45% Quakbot
2023-06-14jt6vjydxXOyc2L.jsjs 582d3d591d61930f1435654f21bc714eef558ad8f76dbb9111b1e5ca4bc7a95eVirustotal results 0.00% Quakbot
2023-06-14DrOafeT1YzapOA.jsjs ab784e81d8badc957178158f67712ec1590a366c91c460c615b2c6d72c34716an/a 
2023-06-14docu_EC312_Jun_14.zipzip 9e9b1086497db38c09eb1656166e80dee988374c371fd1486b7ac153f8b445bdn/a Quakbot
2023-06-14docu_AC132_Jun_14.zipzip aa759129343f21ccab5c67e77a2b210de0c80585b4d411b1f5dff9e82a5c786dVirustotal results 1.61% Quakbot
2023-06-14VqwoObEnguUAB.jsjs 9699fb4b5a460c02d05f85377271191d39ea526f91add8dc6dc2acfb74daefbfVirustotal results 0.00%
2023-06-14XGxip1yVle4eR.jsjs 5d08881aa3a04ff8fe738c44d7b2cccd96603a5c02629ce83036c6280774e64dVirustotal results 17.24%Quakbot
2023-06-14Qvp9KA6vRsxre.jsjs bb8759ef43fe68f47088825593a27fefe39693d115e9935c8d7c14201e0ac965Virustotal results 0.00%Quakbot
2023-06-14MgqEYfHy5j2D.jsjs 38a6586c4f844456e251c103e557855978c935d14429e42aee6e9f4431dd9317Virustotal results 0.00% 
2023-06-144IvxQxO2IfcP.jsjs 7925ad09738164468bba03f2540cb53fb9642c59a589549a26bc7838cf55cf5dVirustotal results 0.00% Quakbot
2023-06-14B2BnZLFK0PBhRi.jsjs 4304e41f662e2f2d1daf566caa548a3dd07c92147deee4e71ef1ab7028e2d723Virustotal results 0.00% Quakbot
2023-06-14PvW45L1ZR9ZJ.jsjs cb0f9659d6db0f642b743d4693dbb40655dcb22fe13d065d433939d37a5498e8Virustotal results 16.95% Quakbot
2023-06-140RLJ2jYCK9iZk1.jsjs ead7404afc283fa9220fc075a31ebc6e8ed89ac21a419131d1f48fb46b46ed10Virustotal results 0.00% 
2023-06-14wGPLf6J1zy0HUP.jsjs 58a104218ed7ece5c31800e1f1fdc76882c4f6a6009bee726a54579874e99460Virustotal results 0.00% 
2023-06-14YF3gPyYh7aZYWi.jsjs 37d170d57b5f82fc9d95a643c729644d9b44f06f248a0a26daebd1c54a0567f9Virustotal results 17.24% Quakbot
2023-06-14ZcfWDkeld8r85p.jsjs 3ee16b577ee32fab665db753b79031e1de22fd16c928db3f0e5000213409f70aVirustotal results 0.00%Quakbot
2023-06-13p6GW5N6nxRD5v.jsjs 9dc959ee18bb50add173d7d7579787e090cb0994ea7fce829fe2862f3d54ee2bVirustotal results 0.00% Quakbot
2023-06-13cmHIO5MbXKhvFN.jsjs 0421037bf8c72cea0d5d21c7ec0f9f227fcba9064c67c688f774a110943abfe5n/aQuakbot
2023-06-132Ld6UTiEEsoR.jsjs c68be9349047d743f4cfb1a611b2fe8e178211a43418d42f07c9c8c26553c4f5Virustotal results 0.00% Quakbot
2023-06-133OOhVGBfyaHnl.jsjs cc049dacdc64957bbf78ab648752227d2466c211ffd79afd2e121afa29679535Virustotal results 15.25% Quakbot
2023-06-13FxMjLMJKKx2hW.jsjs f430f567fd803a9912cf105f9a5a9cc2864a52bd7089bdd191e2a8c5fca206ddn/a Quakbot