URLhaus Database

You are currently viewing the URLhaus database entry for https://twistedbroadway.mx/crrv/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2659977
URL: https://twistedbroadway.mx/crrv/
URL Status: Offline
Host: twistedbroadway.mx
Date added: 2023-06-14 09:02:10 UTC
Last online: 2023-06-15 16:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-06-14 09:03:22 UTC to ocloud{at}stablepoint[dot]com)
Takedown time: 1 day, 6 hours, 57 minutes Poor (down since 2023-06-15 16:00:26 UTC)
Tags: BB32, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
