URLhaus Database

You are currently viewing the URLhaus database entry for https://researchwritingexperts.com/eta/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633679
URL: https://researchwritingexperts.com/eta/?1
URL Status:Offline
Host: researchwritingexperts.com
Date added:2023-05-16 11:25:52 UTC
Last online:2023-05-18 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 11:28:22 UTC to abuse{at}hostgator[dot]com)
Takedown time:2 days, 6 hours, 1 minutes Poor (down since 2023-05-18 17:29:53 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Ocpbgfs.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Wbgr.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcn/a
2023-05-18Cmygrsd.jsjs 0473836cfc335949eae38f3049dd3932d818dc6cbbe8c178f72c74370912d088Virustotal results 28.81% Quakbot
2023-05-18Loevu.jsjs f865f1501145c736f9f72ffa6b3431effc20f094261818dfc60ace530d2aacebn/a Quakbot
2023-05-18Xsfdek.jsjs 9f9b7a0d9944437dbf0052fad1d08898979bd6c9a9d937a98cea3c757a5f15d0Virustotal results 27.59% 
2023-05-18Krqyyq.jsjs e4ec32150d6e87a71d76e7b2f71274e3ac9a2b263e4fec937fbcf4b766731192n/a Quakbot
2023-05-18Bfpmtqey.jsjs 3a2fe931e43de04dd026f5fa57590b2baf3539c2930e6d9239ec3a95a1ec6bd7Virustotal results 32.20% Quakbot
2023-05-18Hyhxjf.jsjs 3e31ea9bfd38c94deda13767d5f82b55906ac8a767e595d59f2fbc92588d23e3Virustotal results 32.76% Quakbot
2023-05-18Scdto.jsjs c977474e11ea0066144f719c48b4f2d5ae32da3a13eab7d64cb3433546b8d738n/a Quakbot
2023-05-18Aitklhrn.jsjs 0b26bdb33f82264e6ee139e028f16f756cf3c276a5c8fdc923aa5d5e2e385872Virustotal results 24.14% Quakbot
2023-05-17Aaondbke.jsjs 992ec3c1bccb3793a6ae36e909056122ef9e442c16c17bcf9d771c90b85ee980Virustotal results 22.00% Quakbot
2023-05-17Wmua.jsjs 6a36fcdbced70acfd047d3132e249ef81960cf97f62f9e391e672db0ecd19f13Virustotal results 27.59% Quakbot
2023-05-17Obryiov.jsjs 47f14a8b9c04f43e700eff818ff6490f28ae0bcba08118d1af9f0b06c96779a1Virustotal results 29.31% 
2023-05-17Sqgaydz.jsjs 245d8b4566da1f99cc5bba4998955421b38764ee0718c94a6fe8019674ccfcd1Virustotal results 27.12% Quakbot
2023-05-17Balwr.jsjs c98276273a209f91c3e1637785f0f3e59d5724b05ee395f9f32ae11ee5e8679cn/a Quakbot
2023-05-17Swnhl.jsjs 8ef706183443d30910cb1d411aa36e657e86119ff849b6a9edef4125b752bb92n/a Quakbot
2023-05-17Mcuvx.jsjs 3c65c87cf0e371c576074e364d5d415f782faa5f2381909a0cd1d6d3e16b21a3n/a Quakbot
2023-05-17Tioxb.jsjs 2878ea27fb0bf41510c5a442c350ea2d31a71ee4c1532dcabf74f79b9aa1b3f4n/a Quakbot
2023-05-17Ydlm.jsjs 59d16bd2cfc1d9f6e8a2151480e8cfc90c7aa9732a5ba9e3bfdaffb9527cb0d9n/a Quakbot
2023-05-17Zidjvk.jsjs 6da66818d45bd354d23bf7a314223952bc3e747ec7f9545fc4ba964de7ad10c8n/a Quakbot
2023-05-17Yrmafs.jsjs 1f1022ba67a4517209ce4b5df6466432d020f1cd1dc12b5006464e15e0fa5f54n/a Quakbot
2023-05-17Gbufml.jsjs 2ea97f1701d0eaf302094f103d9311483c26d63340d7872a977c37101a9b74dan/a Quakbot
2023-05-17Ljra.jsjs f5839c3f099556aa191ddc63cc9f88fce25513408442cd256dc5b5fe53e372fen/a 
2023-05-17Yfzhn.jsjs 89334bab4e0dcaa5bc6d98cfa784d550cc441c9328ee4d9ddcb7d322639ab2e0n/a Quakbot
2023-05-17Vobt.jsjs cb7aca22edc2f5c33f2875d6054c45c098d958f9857e79513f3fea21d159c4e7n/a Quakbot
2023-05-17Wmxjap.jsjs 2c1f1a35874c82e14d6d4034a859d6e29df027bf9af1ce5d4b6d70246001ea1an/a Quakbot
2023-05-16Whiw.jsjs 0d527b468d6008cc49ac568c2c5232c07ac91d45877aae13eaca5ffa650a3fedn/a Quakbot
2023-05-16Tizfnx.jsjs 563f4283d2d86c4bb80140359c8d0f817c974b4f193b43a964d9c84964eaaefen/a Quakbot
2023-05-16Wobbuhm.jsjs cb348e219e04a2c0a49fcab120b2031cd79ad448d134d5a85d33b61a45bc1bc6n/a Quakbot
2023-05-16Nrkmudxf.jsjs 108a463bd97568b33d625dc40bca3cb1823620df27454e1f864deb09b3fc9aa5n/a 
2023-05-16Hcjgwfpk.jsjs 31f132ca65777cfff43aba41bf3af4ed0df6c703f570e84a1011a6621c36e6d2n/a Quakbot
2023-05-16Rdapcnwh.jsjs f3d4fed0dfea50d6cdfb4558a3ee2454eb1f9b181357cc998825df6dd6c3a529n/a Quakbot
2023-05-16Zmub.jsjs 8678642e6738ef07747654af3a1a7a786814a90a4e5a4766d23dc5627b783ea1n/a Quakbot