URLhaus Database

You are currently viewing the URLhaus database entry for https://wettlanoneinc.com/uqt/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633653
URL: https://wettlanoneinc.com/uqt/?1
URL Status:Offline
Host: wettlanoneinc.com
Date added:2023-05-16 11:25:44 UTC
Last online:2023-05-18 19:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 11:28:01 UTC to abuse{at}deft[dot]com)
Takedown time:2 days, 7 hours, 59 minutes Poor (down since 2023-05-18 19:27:45 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Ghawhjod.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Nvowkiy.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Wynt.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Mnxzzhf.jsjs 154210a8b922e9628c6da33549ce95a899ac81c0127eb2a3deba3b7130f9d416n/a 
2023-05-18Axxhqz.jsjs 872a8726044bc6afb068028c44ba1376f7a3a6835147e080a9c5b7de41d634afVirustotal results 25.86% Quakbot
2023-05-18Ackipirf.jsjs 59eafea575993fa2b9b1a5a60ec2852f5cbda6491cc6c163e79d91e7fc9b1d7eVirustotal results 30.51% Quakbot
2023-05-18Lpncpu.jsjs 5b34cafeebdc336b994960dac5ba4fcb70877967e1b19443c512f0a0cabc1d75Virustotal results 13.79% 
2023-05-18Teeoisi.jsjs 724461f309ab96d511ced805b91951db475a6c036216777c4f4570a3ce7fbac5n/a Quakbot
2023-05-18Mcddrud.jsjs 7aabd12a63a4289e6a5f5fc62d866ed2ade8e917a6f2d203bdfd37c0f87ab265n/a Quakbot
2023-05-18Ewmscexh.jsjs 5e2610a338e8ef5c3c882966366fdd36d988d79233ad84071b96fe04a7ea18cbVirustotal results 30.51% Quakbot
2023-05-18Bqqgelqu.jsjs fceef22558799ba34afb830f44f63ff2d0386112e3506a24549d220e7ab2f4d1Virustotal results 15.52% Quakbot
2023-05-18Eewzlw.jsjs 50181b4f3b73fded444a5822e9aae57537b05f693c1a1887d0f8b54f0f597de3Virustotal results 24.14% Quakbot
2023-05-17Bnyqgkek.jsjs 53d2ace5dfd9b4384bcefcc9b7e2c0b6701053df124573ad3dc1044ca98e8398Virustotal results 31.03% Quakbot
2023-05-17Bleijfq.jsjs 50ebb94dd22b6d976b5ec46e2aaa6756dd807058f1a4fe1497d72c4a355b3c2dVirustotal results 25.42% 
2023-05-17Qize.jsjs 0f979704b112aec8ec69c28f0075d45f2ed1aa14ddaa3effca523aaba13f0a6fVirustotal results 25.86% Quakbot
2023-05-17Urplzofi.jsjs 753569ed5b6539685798c9810e39b6c67eab5c08103e0c79d4cc2f1c16cd8ac4n/a 
2023-05-17Yqlxyvd.jsjs 7a4ab56c0029ea06eceabbc4e8b9f005b37b97d1ea376ed3db95729269780e17n/a Quakbot
2023-05-17Hhdfgkyo.jsjs 3c39de1cdb595f8d1822395bd3cf9c81743a1b303cf7188cf41f49bf8c0005c7Virustotal results 31.03% Quakbot
2023-05-17Hdwjk.jsjs 0259d5d40b143ebaaf60af05f38a325f660c922eb6201a18e664d949c3be13a3n/a Quakbot
2023-05-17Prxnbu.jsjs d5e6e30f18f2d0670de3202c27c125583667cb6be60aee992f59e72d23eed864n/a Quakbot
2023-05-17Itfvewt.jsjs 422460443b28bbc69df44323932d66a0ed22d7d3c71e924c6225677a63f73c5fn/a Quakbot
2023-05-17Vivbsj.jsjs 8a254c8c2b2a62cfa4253ada24c6647281c5daf5ca16db346fb6a69e1bde22c5n/a Quakbot
2023-05-17Andpwu.jsjs 58d4498d010342868d4ead37fcd34d6652bcbe4fac9818444e1729ec9a573eebn/a Quakbot
2023-05-17Hddqx.jsjs 7fa94c7e2b519f4e5da505e4181ebe5011f66e90b382f4fd65f6633b0c1264e0n/a Quakbot
2023-05-17Modbf.jsjs b17dd2e0839c635c08819d4c28142a93096ada7d641c07d3ce49fce4e27a39fan/a Quakbot
2023-05-17Lmvr.jsjs 0da9f1e0dd561aee4f0bd7b261f50feabda411938ec14f3fae99e4a5aee0a7b0n/a Quakbot
2023-05-16Apynrh.jsjs 56e9e7fc3eaebbf79fa70c2697c82ec168881963d3d1e6021720fda4e299f2dbn/a 
2023-05-16Pgqfms.jsjs 8f1f6ff31d858616e983a77ed264dc6630b5bb23eb742581e8f56973074a5feen/a Quakbot
2023-05-16Zqers.jsjs 39c9d3d54921a9f2849ae7ca4d2900a982ce5bb2d9d90fddd12b3b6aee6dee2bn/a 
2023-05-16Nqabo.jsjs 51cb179079b2f5b14105c268c354a3dc7060bca15a6af0009a317cff7260df0cn/a Quakbot
2023-05-16Cnin.jsjs 1bb7bcdea1c633249e94703b1ebf747322fdf4cca1f0732aac029f1244b5e8bbn/a Quakbot
2023-05-16Mgno.jsjs d98b24bf9b945d8889a16816603ec8dc61f481558dddcc929674a7f90aae2608n/a Quakbot
2023-05-16Akbgyvv.jsjs d0d8cc3358e97efba3d0f43963b07eb28a3aaaf5327c3ba52d27bad253ac4215n/a Quakbot
2023-05-16Syxpcf.jsjs e280b4d6a6ee964eba67144f4a6dab167adc3910c8e4c631aa9a03db353d77abn/a Quakbot
2023-05-16Jerh.jsjs 6ccef57d347ac14ed7072ad656a8b21b5f964bdca1beb6b1dda728c65d291515n/a