URLhaus Database

You are currently viewing the URLhaus database entry for https://gpshelpline.com/rmco/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2625281
URL:	https://gpshelpline.com/rmco/
URL Status:	Offline
Host:	gpshelpline.com
Date added:	2023-05-05 14:13:12 UTC
Last online:	2023-05-07 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-05 14:14:31 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	2 days, 7 hours, 9 minutes (down since 2023-05-07 21:24:23 UTC)
Tags:	BB26 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-07	Luwappje.zip	zip	d57e120e01cd45a813d0d8ff2f7511221800c27c49b0fa15f8e3a3bf6bd23e71	4.92%	Quakbot
2023-05-07	Tvsnms.zip	zip	19c5701a28448549c38bb788030652759f99aa232e3848f68882fcf1f330bb45	4.92%	Quakbot
2023-05-07	Vsynmyqg.zip	zip	6518f93ab580fe9ca638c026591c15e2ed6cd9c8a9987558ac74f4ba0c2401a7	4.92%	Quakbot
2023-05-07	Jxuw.zip	zip	c18329636c4e6e548863ca77441ff407a43cf0c9cf14cb5bcf6964fc7ef02a59	4.92%	Quakbot
2023-05-07	Kkuz.zip	zip	d68f13bc5ae4a2874879c8a37654b937893b85986a336eb87d55e14fd11d7ba7	8.20%	Quakbot
2023-05-07	Ggprgkst.zip	zip	8ac22a6c4e40b97c4a0d7e8081cceb1ddb6ee6cf5acb0f00b19607c4ef7654fa	n/a	Quakbot
2023-05-07	Hxrto.zip	zip	822d3e2270b19658d07109e047cec13b732c2caf5ef22b49bcca1eba8da3f132	4.92%	Quakbot
2023-05-07	Fhkukhzy.zip	zip	841e19efd16aa4e41a72f57a167031ab005dc8a8629dc2917f23f3c304041c22	4.92%	Quakbot
2023-05-07	Ixunea.zip	zip	867101ad83bddf6911db0cfa89cec06b9feea601ad74b822343f61175de7e87a	4.92%	Quakbot
2023-05-07	Pfss.zip	zip	e358ae8cfef3715edf028d3ea5756267f9cd960ef0b30dab9ebfaa191a11f940	5.08%	Quakbot
2023-05-06	Ykpch.zip	zip	dd1b415aee5d177621f4eec8349801a263cfcc1e0219a52a02ebea3c18f31b31	4.92%	Quakbot
2023-05-06	Esziu.zip	zip	4f45b51779cff7ab0b2118917371205db9bc17e491d70a145cf36542b60b851d	8.77%	Quakbot
2023-05-06	Dohe.zip	zip	759d25831da15c9cf28c33f494bd1dc760e54f38d61278c91ec3375a3c491a22	4.92%	Quakbot
2023-05-06	Ttghzxyf.zip	zip	713cf6354197536fc9aa79c1ad294199da25b311e7a4f238a66b17a71a33432d	4.92%	Quakbot
2023-05-06	Ytca.zip	zip	1681ad740eb37f7e51f342babbb6d08877d6eec0221e93f8212902df3f3ce074	4.92%	Quakbot
2023-05-06	Czyk.zip	zip	e75fd09d41f41605fd606cb89b32fcb1816812999215fcf09294ee3a23ef7962	5.00%	Quakbot
2023-05-06	Onlccuy.zip	zip	abc73899a384506906d3a8da81b17de9faf92f7c5f27f451670990e71c8a6070	4.92%	Quakbot
2023-05-06	Biacwy.zip	zip	58d408ea8998a444d1c228cf973e276d5c78f67a9e1d0af783f54bebce378bf4	4.92%	Quakbot
2023-05-06	Jbnovyo.zip	zip	797b7f7ebdc5c027ff7ac35a0ebbc3fb1d5f232243f61968c63fc339b59ea65a	3.28%	Quakbot
2023-05-06	Snnsl.zip	zip	c1c16e589689330197b241318df071b5db57b0dc0a575c3ec820df480950c02e	4.92%	Quakbot
2023-05-06	Asjz.zip	zip	21c091c5c1b5cb8a97ba7c98116fb075058fe2f1b78d66be6ad242d5cf07ea4c	4.92%	Quakbot
2023-05-06	Hfgbqmyz.zip	zip	5bc0e7574b67c100ed5f5a259a63a7785adff2bd96852bf3821b5aae7ad194c3	4.92%	Quakbot
2023-05-06	Ssph.zip	zip	f53995daaace64991b85863ce0d5db9ecae2de7a0069da866ef7b3fa3cb90302	10.17%	Quakbot
2023-05-06	Tvbst.zip	zip	83101dc1d473215fb885bc68d4fbe8e15548208890a3c5698db9fa023140b575	3.28%	Quakbot
2023-05-06	Hdvtra.zip	zip	37343b385c1a84bc82dd38e6eebcec742cbd983fbc1bd9d48393dfed2dc560a3	8.20%	Quakbot
2023-05-05	Qoib.zip	zip	7b7b7b5c0e6ec07fa11d6b0eefcc5f269fb2b5521fae252c2856c53db464d010	4.92%	Quakbot
2023-05-05	Bnwd.zip	zip	ddd6ebeea38aad8848560b718ca8eec7d979e5d7439e797f600aaf000a93634a	4.92%	Quakbot
2023-05-05	Txpkdux.zip	zip	00ffe8912b0fef69452bea1c7faa285a320bf51eee0fffa43851fabac94b1bd8	8.20%	Quakbot
2023-05-05	Ybqkgp.zip	zip	cb74b6407d59e6aaad69973cb88e5edfd86def420554112e05c85f00f1b69634	8.20%	Quakbot
2023-05-05	Lnmtgdr.zip	zip	e67557f8981089c15823dfc69c1e7509a88ae25fb05c8b5ad08fd60744775270	5.00%	Quakbot