URLhaus Database

You are currently viewing the URLhaus database entry for https://terraskillsgesfoundation.org/eria/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633569
URL: https://terraskillsgesfoundation.org/eria/?1
URL Status:Offline
Host: terraskillsgesfoundation.org
Date added:2023-05-16 11:25:18 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 11:26:43 UTC to abuse{at}hostgator[dot]com)
Takedown time:2 days, 9 hours, 50 minutes Poor (down since 2023-05-18 21:17:19 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Vsvns.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Dijgb.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 23.33% 
2023-05-18Mysdj.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Vhsc.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Nzefrcg.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8n/a 
2023-05-18Feinft.jsjs 4ba994d344d624365faf73f17cc983fb12989b51c45f5cb8a7493129006f1768n/a 
2023-05-18Bibn.jsjs a0c936769d05f511e808dc9d178d44c1b60779ae7ad0e7424e520b2e75ce335cn/a Quakbot
2023-05-18Zngvppqz.jsjs 1a1943fad765d92f9e4afa5ae4df4ec80c61fe42d83f15ab13027ced2e33bbbaVirustotal results 25.42% Quakbot
2023-05-18Ubmlv.jsjs 16caea9932a7ec64a3898dc621d943071edcafd1ebf99fcda24e82ab6aa52733n/a 
2023-05-18Iybic.jsjs fb5908d59b642acad4cc8e4b40c8003da06b37e422221c358758d820f2c0a53fVirustotal results 23.73% 
2023-05-18Zxecfio.jsjs 67ff580532af15d6457fe1b6aa59886c46bd5c72906c86b58aae1e7aab70fa3dVirustotal results 25.42% Quakbot
2023-05-18Sapq.jsjs ba77ea0ae3afe4582d390d1930a3792bde2ba411df7e3c05ae156306c5cd46e4n/a Quakbot
2023-05-18Thrtbca.jsjs c56be3ec9c7d01ede485ea9edabc332ef3aa01f6ab679c4eb6231e1db79db675Virustotal results 23.73% Quakbot
2023-05-18Rodtmgfd.jsjs 47838303934003e958511bf93e4b40816c144d7ddb6c99ad7cdda7145ee5dcf8Virustotal results 24.14% Quakbot
2023-05-17Ccobudo.jsjs f0ba5660e9ba7e62c93207a7b6fd775ee56ae1fa8dfc2ece0f169a6e96076681Virustotal results 25.00% Quakbot
2023-05-17Vjragdgt.jsjs 66a44d6ecc0bff8550c4f8fd93b40851e019bac6297339dd180d268ed9bba451n/a 
2023-05-17Lbxgmwlx.jsjs fcdda21a712620d2dbecadb236b7ca8d2b6cef444f9848f2ac95622ed210a4e1n/a Quakbot
2023-05-17Flmsc.jsjs 148425d44762a381cbc5cf7c9e0e7fb44d71f7162439e78b219929274f34d19fVirustotal results 25.86% Quakbot
2023-05-17Zttcbaye.jsjs 6d9b8f4761b3d2b4e1c031cece4e6ae593e6a9e7de18a01dd28c1235bf7900d7n/a Quakbot
2023-05-17Sdgbfxtq.jsjs 6debfe0d45ae5dd2dc9622ccd7c9480a487bacf847087e1fc8c10ca87a65e7a2n/a Quakbot
2023-05-17Gtcar.jsjs f4aab5f2ec336df640feaca013ceca6aabc6711951f6b57d6807af65a01244e1n/a Quakbot
2023-05-17Ovvl.jsjs ad69ee278f74b30bcc2c229ac4c3df365ebe64fec813fcb823d4babb648db0f1n/a Quakbot
2023-05-17Wbgsb.jsjs 9c22301e19c3677ecfb8a8f27a4f7f62dbbd6c3fea61aa1c0da795ab462d4cdfn/a Quakbot
2023-05-17Cfpae.jsjs 1c7d6b4fdfa35845c3b853e3b3200e352c9c18e10c2b513fe14406a237e0f181n/a Quakbot
2023-05-17Ojjbma.jsjs 85a553aa1216ff843b500f84b81469bf9f26edc0b45bc0965ae694720fa8db33n/a Quakbot
2023-05-17Sufuuvaj.jsjs 6970d58e74adecca966d144fca5e1f39a7592a622c8a07f7e1134168cb966ff3n/a Quakbot
2023-05-17Qblaldvz.jsjs 1a704f84a741eb2b169c82d9ea61bf529ed8a3d04ab341d8fb7083e80bc72e88n/a Quakbot
2023-05-17Tqcb.jsjs 2d8145272ed7f17a3102887ee5e757ddd53723cd67d040a594c0cb97ed9b23c1n/a Quakbot
2023-05-16Yyax.jsjs 4d9536dcbcb6360fb9e5733d2ff80dd2dbf91e61850f13b618332b2e3fce9f4an/a Quakbot
2023-05-16Pgaglr.jsjs ae35cd74aaacc0851ac655548cd402f5fc378c445310d26083188b6b7b583c31n/a Quakbot
2023-05-16Rbgmmi.jsjs 3a8ee218c6164000c3f737823986765dc98a34c41ae6750a2add75948c168095n/a 
2023-05-16Nwly.jsjs 2aaca3c22c0ba96171fcd1d377ec6e9f8a0b740a215614c150bb702d9b8ff626n/a Quakbot
2023-05-16Wqohg.jsjs 4795b82edb156fa5a3098c07e3a02bf2532a86b3e740ba7f9debf2bcc1b02e6an/a 
2023-05-16Dteffj.jsjs ff2d4f223688e6e15edb0cbaf00dcd8a99f05c5ac2bacf08621f27354622dba2n/a Quakbot
2023-05-16Apswt.jsjs 4b42f0572eb215e144e0a7ceaf75aa59d9cd24a232143f2b6c00ed533f1f4f06n/a Quakbot
2023-05-16Dnfknsyq.jsjs f3292e7289e23919519ec857e8aa5e07cb06c136e091d44a8f5e1059e4bb0fc5n/a Quakbot