URLhaus Database

You are currently viewing the URLhaus database entry for https://topangacor.lol/pua/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2659447
URL: https://topangacor.lol/pua/
URL Status:Offline
Host: topangacor.lol
Date added:2023-06-13 17:52:46 UTC
Last online:2023-06-14 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-06-13 17:55:12 UTC to abuse{at}cloudflare[dot]com)
Takedown time:1 day, 21 hours, 3 minutes Poor (down since 2023-06-15 14:58:46 UTC)
Tags:BB32 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-15document_DE692_Jun_15.zipzip c5d3888a9dead90b7d714ba0aea8f8836c42871cdb593569d6e41e5db52990f6n/a Quakbot
2023-06-15v1oCDTwdYUV2.jsjs 7c70b175984f4599c7f195d34278d8402052a2c5b8e557b7e20711484037817an/a Quakbot
2023-06-1598SdHEsiIUOk.jsjs 343626a33125f38f4c8e4c09068907f358466b7505f323a453aa417824405323n/a Quakbot
2023-06-15yPjkzrlqF7i9Yh.jsjs ca44db05e3e01276c436eb4a30c6568d2a7c54467a0f93b7d68245a268c9b04fn/a Quakbot
2023-06-15bZEyqMRWdfuB.jsjs b62b8ad5a5fecb1b3b93966279130974e669c989dc6528d5b39d08a9e7cdfbecVirustotal results 0.00% 
2023-06-14cVBMZfyEGgyf.jsjs 061838f94b6d1828b8b340660624319c58bf930ff2e16e53c876c799245442adn/a 
2023-06-14docu_AD293_Jun_14.zipzip c85a567b5d69e7f6b396dcaa94b1451279b09424bb8b4a01de5d342fd534ea49n/a Quakbot
2023-06-14docu_AC802_Jun_14.zipzip 1d78bd62755bd25fb4c6892f99a702730ed4e113d78a88f48c219938ff2848e5n/a Quakbot
2023-06-14TKsZ61VHW1Qmlk.jsjs fbe947c2c15af059ff9859815330958f930174d5c0a7ade3ffa2ba0383910c3cVirustotal results 0.00% Quakbot
2023-06-14GWUBoiY6MFbss.jsjs 1228dcae8982bb3a8c2978af61a7368aa51cf155b7dd0a41281db56fe7042e71Virustotal results 0.00% Quakbot
2023-06-14OS3NR3Q073Bc0.jsjs 320b00d1b37b326c3ea175b31ab2f6c06d6da56545c455c1570eb902cc3946a6Virustotal results 15.25%Quakbot
2023-06-14V3DOeLqnp6OI.jsjs faf4254fb0b769d95733e7d0742a6087db84c8f33a59965427e9d14aa4290e59Virustotal results 17.24%
2023-06-14CRWtRxcpED8MZ.jsjs 91f26a2c82d7a9301552338b0e47cb2a68cbcbda679102aa0f30e58fbc532fc9Virustotal results 15.25% Quakbot
2023-06-14zE4ShhmCJjXx.jsjs dbb02169e20fe10876325788a39bc3f988e30728211464145e7613039da5e67fVirustotal results 0.00% Quakbot
2023-06-14cqAO3SAUlM2hrT.jsjs 57868e0242c976965cdcb9cf7496dac7f85889ceb0663ef6bcba7233169749c7Virustotal results 0.00% 
2023-06-14HiYLsDjAycE7eG.jsjs e9463170b553a9a93634d494cb40fa7cb1262eadac1d486ecee9acbee098cab6Virustotal results 0.00% Quakbot
2023-06-14NkjEK3pV0gdSS.jsjs a29e6a9e9c53aa408ad61177a73547ecd467f52cc238367f9ad7f2ad5f5a9313n/a Quakbot
2023-06-14Glav2CNFO2uHDh.jsjs 370f84b7e38ad48084a7c5bfbff69b4f3abbc16296e4cd66378d18b6ecd63a31Virustotal results 15.25% Quakbot
2023-06-14WQJ5Ev1oJMmtm.jsjs 5c666d42ddbf63e7b6e5256e360b9b627a8f6383db3b040c888ed662123ca8cfVirustotal results 0.00%Quakbot
2023-06-13s6fr5dJucGrM.jsjs b61f3d67e04969034efc6a92e626ee569936b15b07b8e994b860f2e72e0e58eeVirustotal results 0.00% Quakbot
2023-06-13bQXzB3HZtq5ZcF.jsjs 2822b52eac93cfb96273c9db5be40c8ec47f07e64de27ce116f4f024169ee82cVirustotal results 0.00% Quakbot
2023-06-13DcMhV62519tEm.jsjs 3f55ba89edc7119571a5e449432a86e46db42b02a85961e11a6e63b91514cc36Virustotal results 0.00% Quakbot
2023-06-13eriOF7tJmkQjB.jsjs 62425ee91a39bbf3e27e00b2de9c4f744bd0acf61268fec06c642e4a2ae7b97cn/a
2023-06-13Jr7BHbvqh10W.jsjs a373fd606aa390905c9942f09f50a6c7bc916aeb87426e82c291cabd34f6383dn/a Quakbot