URLhaus Database

You are currently viewing the URLhaus database entry for https://trijuddhamavi.edu.np/see/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2659450
URL: https://trijuddhamavi.edu.np/see/
URL Status:Offline
Host: trijuddhamavi.edu.np
Date added:2023-06-13 17:52:47 UTC
Last online:2023-06-13 23:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-06-13 17:55:16 UTC to abuse{at}cogentco[dot]com)
Takedown time:5 hours, 57 minutes Good (down since 2023-06-13 23:53:12 UTC)
Tags:BB32 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-13DfJ8bri42HpQ.jsjs 494c19d4a7af65d7269e2da910e0cf4e3c99a2884bd0c3df0744053a4614b257n/a Quakbot
2023-06-13SVBnaxZLzhrhkY.jsjs a1b497bd1aced6b5fee5f8047389f7ee2356a9a964c8e5ecb4456cfdb4e66b46n/aQuakbot
2023-06-13W8ybE7RcWZ0pBm.jsjs f45a4d83d31432e7d8b007b102b861265d1c226d9afdb67b758c9374c25b0800n/a Quakbot
2023-06-13INqV1l3nrTCH.jsjs 7d32715f3f8dc44578cb8ead94479208f0c0128cdcf337880d47a1dc5d1fc023Virustotal results 15.25% Quakbot
2023-06-13KyiTMlQGp1ovqb.jsjs 7755f78d3f440e957a66b636cdcd5de8b9cbf3592c1071db582f402665ecffb6n/a Quakbot