URLhaus Database

You are currently viewing the URLhaus database entry for https://univisionhrservices.com/oord/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633637
URL: https://univisionhrservices.com/oord/?1
URL Status:Offline
Host: univisionhrservices.com
Date added:2023-05-16 11:25:40 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 11:27:49 UTC to abuse{at}godaddy[dot]com)
Takedown time:2 days, 9 hours, 41 minutes Poor (down since 2023-05-18 21:09:45 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Duxv.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Drolxs.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Dhjxfks.jsjs 5f9ea407f32d0d5c495be31838a9e41d576720428bbcc30c992e15565740f73bn/a 
2023-05-18Qxju.jsjs b76a46e9b0db483e342c390f25663222fee2e67cb7670205636c7ee748850b86n/a Quakbot
2023-05-18Htrzqprt.jsjs 3d234411a958948cb4805e18eb29cd95fbd93086ffda9ed636c6d322523b5e80n/a Quakbot
2023-05-18Dyvl.jsjs 2c91bde6a534aee746616dd47460479f4813dd91fa6b608246e4cbd908aedf83n/a Quakbot
2023-05-18Xxkb.jsjs 34bf72fbc4370971ff89c72391aca2a8a5b37aac3f1cbb8f2ab5480a3df6ae0fVirustotal results 32.20% Quakbot
2023-05-18Mfske.jsjs 3f14bbee3c8ce3a67b5dfc257b5cff8e6f131ed1b17c77a50e705cb44af1c616Virustotal results 22.03% Quakbot
2023-05-18Gqqfc.jsjs ca3503a47ca92c4d7ffd385bf6501e373e48cae6b42c99b3a1d08f7478278c12n/a Quakbot
2023-05-18Zhwjkeu.jsjs 456c54257858cdc9347b6b71444659a256ae3a000dc1c82298d0fc65ba890687n/a Quakbot
2023-05-18Zjcqaufo.jsjs dff43d93176f7f0b50d2b960680eb78be307c219d3a2f9b42d969390818a467fn/a GuLoader
2023-05-17Psjxxwa.jsjs 569b94ae6e9101918add0cbef52c7d0516b8faf8e79f3273d7d102982c544c18Virustotal results 22.41% Quakbot
2023-05-17Yysimk.jsjs ad3a510115f62b2cdabc978db56cb5d93c372bcf45b52fa39d4d125e1cae3caen/a Quakbot
2023-05-17Iwvv.jsjs 91f2349ddffafc85ec07721077d9d38a2ab0376beaf588950fe98bb16d3218efn/a Quakbot
2023-05-17Vumv.jsjs 1daf295e083f68a10f9527a63f47ad20185bc445825bbe8e6b92086996eeac2eVirustotal results 29.31% Quakbot
2023-05-17Xcdghxm.jsjs 4a6c21e15b576501924674558e19d80b23e2d306cbeaca7d496abf5b826fb769n/a 
2023-05-17Lfyuk.jsjs bc85062a6ed96ba55f83637c5941ebb10dd8734a7486eb2e716a41e21578b347n/a Quakbot
2023-05-17Jauhnh.jsjs ca42f27ebd7d4d5472c9652e26b5cd7d9f089e838ea85a8ac5f1c51b37e83e30n/a Quakbot
2023-05-17Hgrtktr.jsjs f616b3ee05207e77acb4d86159b3339e65b3a0ac7a5c30a68aa13b24b65f10fdn/a Quakbot
2023-05-17Deeu.jsjs 3c706e57f0af93afd93d2e6b81fbb1fb688a20c57c27d7b8b26e104aac3996f1n/a Quakbot
2023-05-17Sfvvf.jsjs 8038db28b225822520ca0856ac2079459a7b2a72efc002eafc9cfcf54cba3dean/a Quakbot
2023-05-17Qeisf.jsjs 695bd519834b80e28d7f75410a2df5c13d2316ebd21b2c40cf855c92afe55ce1n/a Quakbot
2023-05-17Fwduooj.jsjs c344d348c8fea0684cd5a1e7f12f5bf4aafe889fb08b2f86f7c09d7f39fd8ae8n/a Quakbot
2023-05-17Ysobsdek.jsjs fb9a5911627d4efb8708f9c60639153dd3e06a961c0d2f0e05ae8698c63d814cn/a Quakbot
2023-05-17Mngv.jsjs cec66fa49303ff9603123cd6131c6a06817469cdab54a0ba5755240afa6dde66n/a 
2023-05-16Ftlxxyu.jsjs 2fefa575b5a1285f910a9a3e35e97541a5d1d29d4fc3b1db3af5144779304864n/a 
2023-05-16Pdwx.jsjs 4bee3141ac0286cca0fffb03381e72028d328a4c4a6808b31ba6506fa1e4eb14n/a Quakbot
2023-05-16Xhac.jsjs f8540261bf3082428963c47b81c7cdda831cf990dfd62713def73aec0f3d25cbn/a Quakbot
2023-05-16Rirc.jsjs ba1321dc1e8e01c3fae8ae45dd46133e412e3edffc8b2bac6c977d4ff4c2c281n/a Quakbot
2023-05-16Yhlwxynz.jsjs bdab3ef3ab737a3ad2e0e23731c1610094412976a8986b940171c4957b94831fn/a 
2023-05-16Dcfuqjsr.jsjs 85d1919f8affde5e18a39524f0f204fd42e470ef3fe0165b24a0f1a19688c6bbn/a Quakbot
2023-05-16Jghlk.jsjs ff600231b8c4849ffa7d7e26a683dcf6b52a26ca3c246d2cf88e257c1b833311n/a Quakbot