URLhaus Database

You are currently viewing the URLhaus database entry for https://xpress71bd.com/igd/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2633698
URL: https://xpress71bd.com/igd/?1
URL Status: Offline
Host: xpress71bd.com
Date added: 2023-05-16 11:25:57 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 11:28:41 UTC to abuse{at}axgn[dot]com[dot]sg)
Takedown time: 2 days, 11 hours, 4 minutes Poor (down since 2023-05-18 22:33:17 UTC)
Tags: BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
