URLhaus Database

You are currently viewing the URLhaus database entry for https://onlinebazzzar.com/ls/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633571
URL: https://onlinebazzzar.com/ls/?1
URL Status:Offline
Host: onlinebazzzar.com
Date added:2023-05-16 11:25:19 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 11:26:45 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 9 hours, 46 minutes Poor (down since 2023-05-18 21:12:59 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Vwjqrk.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Tfar.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Rvdntrc.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Akctxf.jsjs fb02e897ba95818d307d0933ef70e4e987deda0ca1af259cc1239c4795c29a79n/a 
2023-05-18Rgutpg.jsjs af020f4121ed33dba057c101c7d8fb714a2c96c883601c63acf7dc505818a5a6Virustotal results 27.12% Quakbot
2023-05-18Qboc.jsjs f744aaa7347e22e22b0047605341e57c431a9dbcdd028ca5713a221c51107aa1n/a Quakbot
2023-05-18Flrdlf.jsjs d4d054686a5e084363a71c69d138897e7b35fe3a4008cdd377ef2a2121799d11n/a Quakbot
2023-05-18Emdxoh.jsjs 08a4ded15b1b100031a7d4d5816c32a45f5bf29a74bb677f99634db21d3cd646Virustotal results 11.86% 
2023-05-18Gzhjap.jsjs d6cb8ae70d4f102ac987c9de47abc6d962e10fa9755d74ea54a68edb6173dad1n/a Quakbot
2023-05-18Ummwapyj.jsjs 13efaa86942839a33c87960d6b95861ace793c07390276ffb3d9329cfeb07034n/a 
2023-05-18Aksrge.jsjs 1d6e41a96832fff256d4c07d7cdb318a251230e1445351f5ad36b87ce958bf1dVirustotal results 25.42% Quakbot
2023-05-18Kyay.jsjs 32191ec86c3fda99957a4e78362b4bad01545ffe830b5b5c5c32ed9c92fc58ebn/a Quakbot
2023-05-18Hbte.jsjs abae955795961dc369ba3d41196f2f4238001efcff8a2dc429ababf4821ca7f5Virustotal results 22.41%
2023-05-17Ioai.jsjs 66a44d6ecc0bff8550c4f8fd93b40851e019bac6297339dd180d268ed9bba451n/a 
2023-05-17Zvnvvha.jsjs 294b64c51f30b3884a2067b27a59ddcf4f5c3284a38a7260148eca0e86061a53Virustotal results 25.42% 
2023-05-17Nlnrti.jsjs e34af5d0c51c9f5403ca9b2aad48f7f772322fade0dff21b839a90ac6420cd87Virustotal results 27.59% Quakbot
2023-05-17Zjonnqv.jsjs 1daf295e083f68a10f9527a63f47ad20185bc445825bbe8e6b92086996eeac2eVirustotal results 29.31% Quakbot
2023-05-17Xvrw.jsjs a569ce1eb1902d2edf7cffba78e832e764170e48ecfe81ac3adda07c5f42455eVirustotal results 30.51% Quakbot
2023-05-17Qpkoqv.jsjs a357a8a9b62674cff6660b76659f4cd36ccd979d44937371bde57235d81c392en/a Quakbot
2023-05-17Kozrcala.jsjs 8b2b3c3498bea970b5883a908b36e4437b9809a010cf2df44004264d33d66dbdn/a Quakbot
2023-05-17Ntcm.jsjs 4ba7a261773dd6aa6c26be500ee7e4a5f051346849455aa78811504c995c010an/a 
2023-05-17Crviqc.jsjs 6b33ae5febe17823fda059eb63c1afa4a024c70bad99dae9c30f389448314667n/a Quakbot
2023-05-17Llxsechy.jsjs 6d83d7059dc6b9f4a487c77957e2d29fde1207134ffc4a0633161f308b95e93dn/a Quakbot
2023-05-17Fezwrdt.jsjs e6c6b41d14c84df954b750ff89156ff4e2a6a02a8f2658d1671c890ab2413fedn/a Quakbot
2023-05-17Aryi.jsjs 6a3a2bf2cb53687bd2538fe2cd37e8677c453b412fba77b87803e2da9d9ba33dn/a Quakbot
2023-05-17Voyek.jsjs 04636b8bb4c78b5f93a4d193390a0a1889839586b9b04d36d937c51f87986300n/a Quakbot
2023-05-16Zaqptw.jsjs 155d6caec7caed6be9398516252bb5472a3f82b903907e9a6a10633acc0b0fbbn/a Quakbot
2023-05-16Zxnz.jsjs 782918dab620da54b81e9de4e55dae235e517c86920e755e2bb3849102304cffn/a 
2023-05-16Mllbb.jsjs 9c20630b5a16dab1418b43505b745637c364b044755e0f18693f502c3addb885n/a Quakbot
2023-05-16Eysvm.jsjs 9ea4117626307ce408e3dbb393228b691601a1d49c4d1f38ebb97e712f179d52n/a Quakbot
2023-05-16Nnndvvqc.jsjs f12c73206fa16127161188fe2af9fda2aee352336381f6659c6dd4b6877e7afen/a Quakbot
2023-05-16Omieoir.jsjs e388f718b23b57941281d31d4e929fde042cbcd47a786444fa59a3edabb30a55n/a Quakbot
2023-05-16Flzu.jsjs 456575b3342315c68b06dfb6157618812c62d7764d5986d672cf6b7e8d46fc8an/a Quakbot
2023-05-16Ckqgh.jsjs 088293b1772e89e3da75acfc5eb1a108dc3dc31ed9ed5b4dffdd989629dc0ae4n/a Quakbot
2023-05-16Ajfmng.jsjs 01e633aa0b48c062a7b2e80c8121af59f4a7d653e3846609cc80c3254246c119n/a Quakbot