URLhaus Database

You are currently viewing the URLhaus database entry for https://visualmed.org/ud/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2667420
URL: https://visualmed.org/ud/?1
URL Status:Offline
Host: visualmed.org
Date added:2023-06-20 11:54:00 UTC
Last online:2023-06-22 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-06-20 13:29:07 UTC to abuse{at}godaddy[dot]com)
Takedown time:2 days, 7 hours, 36 minutes Poor (down since 2023-06-22 21:05:21 UTC)
Tags:BB33 geofenced js Qakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-22Yd.jsjs 31e3c097d4c319aac7d09c81bd966ccda6862a7ebb671a2cfa0358304c175435Virustotal results 5.08% 
2023-06-22Rsbot.jsjs 7e042c9f494639e34798f53d043073ea7f98f30914683d4d74bb27cffbb73696Virustotal results 1.69% 
2023-06-22Fbh.jsjs c03d7a9650bb591c9d4a8d984bde6641be4af41d18b87162d09df7406f15a71fVirustotal results 1.69% 
2023-06-22Mwy.jsjs 85b288e39884cbe756bc50f3bb506ad9a4c7046d85d6d86f74932e591138c35bVirustotal results 1.72% 
2023-06-22Kjdls.jsjs 1e41c956c097afdb4c54d330c5af447fe889447cb941124b394b717cf356e7f8Virustotal results 1.69% 
2023-06-22Iyupc.jsjs 6171517b4daab634b7a46cb4812d3fcc5c3aa255b8fc887532df963b0c0ff80fVirustotal results 1.69% 
2023-06-22Brw.jsjs 6ac572deb6f401da7249b3ce9e8e42d8b2689833582cb76e19d62999f52e6dc4Virustotal results 1.69% 
2023-06-22Wlivt.jsjs c84f3637820bc27bb1c35604a87082505f3d7c5abd283a23493ed5b1707dc6dcVirustotal results 1.69% 
2023-06-22Jfxrh.jsjs 00d2b9b0a6e1740e1c8a5a3424dfa35780a47cb3b3247199cdfa853ed23f0c36Virustotal results 5.17% 
2023-06-22Hn.jsjs b5eeaadb95a58ebaad2aaae244c0ebd3f9ac5da15f48c688c263164be176c901Virustotal results 1.69% 
2023-06-22Iyntp.jsjs 75716f1e6cd2c675a4350165989062f3cb98b8899dd27a01cba6c21244d44effVirustotal results 6.78% 
2023-06-22Rbp.jsjs 8b7e4a0a6106207fb1f146973ed12d0aee9c250dbb2452c5bacb4ef9c18741aeVirustotal results 1.69% 
2023-06-22Nojsg.jsjs 661cbb203766699b1ecac0bcf525a7e01085d311e7afda69f6bde2806282c60dVirustotal results 1.69% 
2023-06-22Lzsd.jsjs ef309ff9487c9e28306dc258d564ddab040c3bf0d063f96455c9fddf5fec4729Virustotal results 5.08% 
2023-06-22Xvibf.jsjs 1eb14af62b3310dd72313a682381c1ebd02fc546c7e2f0ab971e064585ab893dVirustotal results 5.56% 
2023-06-22Vvzcp.jsjs 899adbf98af78e223e21a3b9c5e8a297ee5cf17d113492bd35eb49c43469f35cVirustotal results 5.08% 
2023-06-22Timl.jsjs e65ba4eeb525d4ed6749fd8edf598d98e0ae3791cd1a00b97c97fd2588bb8dcaVirustotal results 1.69% 
2023-06-22Uy.jsjs 388a5c379fcf72e83240702d72f1161c5d65a4b9f93cfe053ebcaeb9af0c50d9Virustotal results 5.08% 
2023-06-22Odqv.jsjs f0a431269d13641fa5c846647b572f0ad198a08bce35b78696e23b5fea5182f1Virustotal results 8.47% 
2023-06-22Pbx.jsjs d2ebb8febc22109069b4b481523295776a853cf88c082926b1ccd22939cf1ff1Virustotal results 1.72% 
2023-06-22Okojk.jsjs f9255e8cc8dd2b7d6282a5882d372b8e813de569add3bc56c53d85502a9a4aa9Virustotal results 3.39% 
2023-06-21Qdd.jsjs 54de3e8b55e3293e8f8617dd2d7e2fd7d064f8cd54c9245dee80b9e872c0bd03Virustotal results 1.69% 
2023-06-21Uhwl.jsjs eeb263c7e1ffeb1dbcb471f9fbd09998ff3ae20e64c13ebf99c29378935c8ee5n/a 
2023-06-21Zh.jsjs 954d42481f56ae5488c2072b230bffb196255aa9d927f9b518c6f77c3feb54c3Virustotal results 11.86% 
2023-06-20Kzn.jsjs 129879c351d9b81d59dcff81a7057264388b39b2a3fd234af06420e633d07e3bn/a 
2023-06-20Hap.jsjs e322916ac41e4182054a8acb7a2cb1139ea0f7be40069118a2dbdfefd4e821c9n/a