URLhaus Database

You are currently viewing the URLhaus database entry for https://slleathers.com/mng/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2659463
URL: https://slleathers.com/mng/
URL Status:Offline
Host: slleathers.com
Date added:2023-06-13 17:52:50 UTC
Last online:2023-06-15 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-06-13 17:55:29 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:1 day, 23 hours, 48 minutes Poor (down since 2023-06-15 17:44:08 UTC)
Tags:BB32 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-15document_FD574_Jun_15.zipzip 5af899114d66919b0ec6cff2ae691dac0f3525976cc46fa53be43633bd0842c8Virustotal results 6.56% Quakbot
2023-06-15document_DF390_Jun_15.zipzip bbd65b92eb2b19dec3e2aa863e9d0e38e5c7488716d54019998016f7fc283148n/a Quakbot
2023-06-15document_DE386_Jun_15.zipzip 463e6fe4eb539842dbcb208fa8d54d60b83bada98887586dca16baf40c789c21n/a 
2023-06-15uQfT50qhu5E3yI.jsjs be229c95bfdddf89931bb90e5ebf5ba55025902544967ed8b16bffc0200ff9ban/a Quakbot
2023-06-15KeBaxfk8O6Ce.jsjs 9fba75907fe008815c8f2fcd6426d4e59dd628bfca43cd15d78a21c9f4c8b85eVirustotal results 13.56% Quakbot
2023-06-15FqwydPEAOQgV.jsjs e6bbd6c75e92fa4abb0f6bac404c93757652d834e36cce1113a39a8d6ed68083n/a Quakbot
2023-06-15iraYmLT2H0R6Z.jsjs 2a96464f3c0db5819f8df2a46b3893a3b7696fc189c39c782960a37ef8a1b078Virustotal results 15.25% Quakbot
2023-06-153IJo42ekXtkOqc.jsjs 994e5849e553e29401079ff0025997180b273b95d7a6f7ab0c68538ecbb22347n/a 
2023-06-14wPSHpDToI77U.jsjs 5df9007e7f84e15fad8092c19844788dd1e6d81a4a9d1a9b0096b2b76d5dc280n/a Quakbot
2023-06-14IWEhsPg39zu2DE.jsjs fbae37e554381f4eb322ff51b262041da8c1531168db8f35390add5d17cb4911n/a Quakbot
2023-06-14fXXV9AKnWVHPu.jsjs 2fe1d60736d8bf442e9db94b957f8f3b2c8b3e92ed9b9b95c920c9d4f94435fdn/a Quakbot
2023-06-14docu_DF409_Jun_14.zipzip 84f88781a9c3c60accced74763aac49bac2a3654f8bdf9fa12676262201a6927n/a Quakbot
2023-06-14TqKHBCgB5vMUe8.jsjs caa8ee5c68758233ce84cfe62a44ba27b70d18431e88605a935896ccee26c987Virustotal results 1.69% Quakbot
2023-06-14GhitF81q7YeWF.jsjs 2a1bbcde81a54fe5156996dc4b1413716e50c42e6ff7c2f02d5f3ca3c67ba4d2Virustotal results 0.00% Quakbot
2023-06-14MKMu4zKos6M5.jsjs 0cfaa4cb0879b9e5cc26481a9699c15f2bb6ceddb36099f93fb8178621448873Virustotal results 3.39% Quakbot
2023-06-14Em3U7860lOujQw.jsjs 3fc9358247ddf03b3ba91cd44c47b72dde88ab35e753d41d605b1e661b858f10Virustotal results 15.25% Quakbot
2023-06-14Cayo5pTo4b98.jsjs bf1521a3ec608512bfd3342d16e8c7392aa729827eaae6d681d4285a0dd764dbVirustotal results 0.00% Quakbot
2023-06-14s967uSCKGTfXn.jsjs 087305b668923b9ee0ffa50e031d1f44a8091997edac80ca0e0b3ae1426b6effVirustotal results 0.00% 
2023-06-145DI481JSQoMcs9.jsjs 4afdccb81dc19c7e07d908fa69535271c1aac8f2055330b490c3e1803d1da3f8Virustotal results 0.00% Quakbot
2023-06-14V30iJezZFCjXX.jsjs ccca70bc38f9c4f8832482f515ab6bb37f2d6fc7e459cb5114768bf05f378f96Virustotal results 0.00%Quakbot
2023-06-14Y7U0NQroXSikb.jsjs b9ffb402836bd3d588877a6c08f403f6668733547cd631d175d9ff91e19e5516Virustotal results 0.00%Quakbot
2023-06-14YtwAqoWz18aYX4.jsjs 8ee6d32025b0548e4ed6e55479f139e1fc07b9934ca1f80c870d8f714c7883a8Virustotal results 15.25%
2023-06-13mUyouXZZj4KsX.jsjs aa9a56b58360820ece0775ba743aa981a0e0ad24ac7c21a7377d051390802641n/a Quakbot
2023-06-13GTMQIbhrj47y4n.jsjs c97e4e9584e98a76b1bd6783f6facf831291ee87040b441a385227af8921af57n/a 
2023-06-13Zf9XEL6Je2Vd.jsjs b0a4887bd2cc2532abbfc931767cd93fc025b0d06f89e99ff2dd90e48830dce6n/aQuakbot
2023-06-13xKXJRgd6sRv6.jsjs f3610868f2d9cc100f7e1eaff98b6fd93c33283dbee08170b747fd9c48cf7facn/a Quakbot
2023-06-13NaxSTqUp7VGOCo.jsjs cf511c31b333d8e91a5fbde65fe820f6343954ee168d177476664a9aa8000721n/a