URLhaus Database

You are currently viewing the URLhaus database entry for https://meuniversal.com/luop/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2659429
URL: https://meuniversal.com/luop/
URL Status:Offline
Host: meuniversal.com
Date added:2023-06-13 17:52:40 UTC
Last online:2023-06-15 15:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100132780 created on 2023-06-13 17:53:06 UTC)
Takedown time:1 day, 22 hours, 0 minutes Poor (down since 2023-06-15 15:53:40 UTC)
Tags:BB32 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-15document_BD189_Jun_15.zipzip de83809ce25019f35da98058bd9e266988818ccc6c18f05c95058ef3316dd1b7Virustotal results 6.45% Quakbot
2023-06-15document_CB481_Jun_15.zipzip 68fed7df233945cc5b159ca1297236f31b89806ab0d18264d76451a07c37984en/a Quakbot
2023-06-154EL8wQuMKiVH.jsjs 31b5863d94364d4be5388873c655559a44e082424bda156e78f9eced0831dbf0Virustotal results 13.56% 
2023-06-15bYjdMXPt9rVan.jsjs 841a95696162f35b504d2e603897ba8de29f6ae68600f10294f200862d3b6aabn/a Quakbot
2023-06-15EDHq1dKmFdgC.jsjs 1d652f9cb89aa803da720d2f117b92e95bde07c63c6b65f51cf367c5db7c67edVirustotal results 16.95% 
2023-06-14g3ieVE7461D4.jsjs 967d0effaa55efb4d57d1186b42ed722553e8eeab51d0799b03e2684a9ce134dn/a Quakbot
2023-06-14W4rFrbax5Thpd.jsjs 1f9aec5a67f9712f6a741ae65d92ee5a5958f8594195c27d190b48108fde8c87Virustotal results 0.00% Quakbot
2023-06-14docu_CE143_Jun_14.zipzip 3c4c7916c8722f3cf0b27f01672b3d1e1706761d481076e5d97ed3b94ca03108n/a Quakbot
2023-06-14docu_AC819_Jun_14.zipzip b69c026c48586eb6ea96ba9c8650b22b77aa0814d766cf5e8b05fd4f79d6baf2n/a Quakbot
2023-06-14z8mHKXMyMJip.jsjs 6ab57f9ef0b8a8c9e4a49e6cb32c7dc5e38026a1f1c9462fd4f53a78560d230dVirustotal results 16.95% Quakbot
2023-06-14vSldW5xKOkIiI.jsjs cb9ceff854f530e605ee130c734483e6ca0f19e7fbb60f10ccf0ec9a62c8518eVirustotal results 1.69% 
2023-06-14L3TVHKpg6yfhD.jsjs 7fb0d0d006fb2d1a05576482a1acdfdd21d674d14f989933f67a5d2f594c7b30Virustotal results 0.00% 
2023-06-14N5HWbSLuuyIsLC.jsjs 52bb11ce6f9126bca631c0ba9116d446457e2dd77d29a343e5a300e0e5303b46Virustotal results 3.45% 
2023-06-14GtNP8bGenj6cq.jsjs 3f4e92891bd95d21afd010216b510a9854089bf33da969004131aacfb4157767Virustotal results 0.00% Quakbot
2023-06-14G03qchyWt68Yi.jsjs af8f3a0dc966d4a3c5f5723c89db6964157a3bed592c471083144a5424b42cb8Virustotal results 1.72% 
2023-06-14ZUlcPumzJa2C.jsjs f22900950309f35a43540587d7a68e2811a55c47791e0e2bc74f7cce84cd6b39Virustotal results 16.95% 
2023-06-14zvOk79GM7Ib67.jsjs e54de6391dc3d071895ce3b79273e61dccfbffb8d7584f04399258601d5ee4b6n/a Quakbot
2023-06-14VWUu24oLRH7sz.jsjs 7655dca0c6b6e1f781e4093ea11a0fcd61bded9b40d8fcfce85aa4ee3c360929Virustotal results 0.00%Quakbot
2023-06-14XibV3kFdRqNzBI.jsjs f71d30c1de2bd1e746b4d2d866804d7f4a8dc3df95760c8c40afebcd300106b1n/a Quakbot
2023-06-13A795Twp83dVuz1.jsjs d6e9212c85de9d72891dee0d7f8514417581aed4a91ad10f9e779c7cde7d52aen/a 
2023-06-13p6GW5N6nxRD5v.jsjs 9dc959ee18bb50add173d7d7579787e090cb0994ea7fce829fe2862f3d54ee2bVirustotal results 0.00% Quakbot
2023-06-13bZhWTYSzoTuiz.jsjs 34eaf742d49a5ef0b40e705fde1a2780ef70ce88d0d35d473112002dbb75322en/aQuakbot
2023-06-13Sjeq7vH8HEmx.jsjs 155edabd201cd66924836287c83f653e09c7ced1cbd3af8084eb9bfad9680d0cVirustotal results 15.25% Quakbot
2023-06-13IgABP14Sb2o9LS.jsjs bf6bd90587cc1646ab66519e30a7343bfce159ac0469a186f082fc5011e4d1b8n/a Quakbot