URLhaus Database

You are currently viewing the URLhaus database entry for https://vulaoil.com/so/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633700
URL: https://vulaoil.com/so/?1
URL Status:Offline
Host: vulaoil.com
Date added:2023-05-16 11:25:58 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 11:28:42 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:2 days, 11 hours, 28 minutes Poor (down since 2023-05-18 22:57:22 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Cxezid.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Hoag.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Szvnlwwp.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Rtniyhhr.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4n/a
2023-05-18Rtbwzpe.jsjs 4df2da0e1a60159c49866a7e3899e305f80766c9bae6b676bf18955d4e2ee8ecVirustotal results 15.52% Quakbot
2023-05-18Mnqbm.jsjs 81c46b64d5ec7559ae3287d14b77e2574baf7808d818c8b6f2375da96a544c50Virustotal results 27.12% 
2023-05-18Vekcp.jsjs 81f0fe1ef9b350d79e5c368c2f73deec42c5a379bfbbe52f88c1c79ee481b5e9Virustotal results 11.86% 
2023-05-18Hrxh.jsjs 1c527faebea66510912a82a4ece923294f74fa2947ce89b48b9b341ade828e1en/a Quakbot
2023-05-18Uhrm.jsjs ca99a531b2e34c4f23683a2cf2f4a2e81bcb2cc4975ba287d0bc6ef71563472cn/a Quakbot
2023-05-18Rhosoxqy.jsjs d4d054686a5e084363a71c69d138897e7b35fe3a4008cdd377ef2a2121799d11n/a Quakbot
2023-05-18Lmghntzq.jsjs b11ddd3e32db780631dee2546f8eb8498cf1976976b4f9b6229279881aff3e12n/a Quakbot
2023-05-18Tynly.jsjs ef1c6b9ad4a7758ef25a4557fa7bf0a20ab6dd57c36474a91ef75620edd0974dVirustotal results 25.42% Quakbot
2023-05-18Glrx.jsjs 3f883b067422272c3b10eea88505351741b599d103f66676cb75912106735cfdn/a 
2023-05-17Flifsgbo.jsjs b76a46e9b0db483e342c390f25663222fee2e67cb7670205636c7ee748850b86n/a Quakbot
2023-05-17Hesjntv.jsjs 555220330c615686c8a042f7d99f74d150a132b4d580ce95d1a7b6db412b77eaVirustotal results 25.86% Quakbot
2023-05-17Qnmkauqh.jsjs 6cc345a8ad3df8d8da07821f31095f9c217201e0065038c5bb7e15aae14a9035n/a 
2023-05-17Ttci.jsjs 2805dc9f718f68c7daf0cae2b00b6ed8bd0a6e3a957fcf340055a17cc4ef7ef9n/a GuLoader
2023-05-17Swgm.jsjs b243ce7f5b24e6eab35ff99fcc718064f5897388b337460b05226b50e50b7dfen/a Quakbot
2023-05-17Mropx.jsjs 69d10bf1c18cc7df540de106a1056c5af79f8b60f1ffae762d06532cc84375d8n/a Quakbot
2023-05-17Fpno.jsjs ad9d5d545cd208607067a384f752e68873813a4863a25840901805e6778a5f43n/a 
2023-05-17Rdxqvy.jsjs 416c298fafc145778fe6ef2faf246724387491a2af70b670eaf200bfed47402an/a Quakbot
2023-05-17Ejjvm.jsjs d8070c892cf9e5301fba10a0cf2baa7077f87919dbd420c891948b104f5f97ddn/a Quakbot
2023-05-17Naycf.jsjs dfef2b7a259c6e0ccc9a97b34240a05fb89bbfa94c317a9901101f644924ffc9n/a Quakbot
2023-05-17Rwpor.jsjs edbcf69f86efd73f149d8379238bf876d46bfc895dfcc4f7d4849209bcf41e3bn/a Quakbot
2023-05-17Bznez.jsjs a2eb8da07dbd08a0749ddf1230516e0ed5bd460213f90b0894b5a32e02ab7fadn/a Quakbot
2023-05-17Uphtjgk.jsjs a3d19ef4f277cbb11a2870cdf69e214f48a1997df4d8f098b572902eb800512dn/a Quakbot
2023-05-16Sctm.jsjs 94172c9807a10c277c38301274101b8fe35a38f3f9d81eaf38d754ded15f693an/a Quakbot
2023-05-16Kldqn.jsjs 5823947eb37de69a0fa5b68a32ee3344a05fc2cd25520693c27191588d347798n/a Quakbot
2023-05-16Izxnpqk.jsjs 01c5f3a044eef16f11c270179a3f8e69915903e4701f3f3c3c26bf4c32ee8a8fn/a Quakbot
2023-05-16Uzxqlnvp.jsjs 76c3c08f1109207a2d1c0cbb3b3e59e3df31e0a21705df73749e08b08801d306n/a Quakbot
2023-05-16Fzzn.jsjs 55ac5135f35442e6f02ad4b193a18e92ddaaa3c86afa6edcac8fc27c2fc6b003n/a 
2023-05-16Cpwdvjse.jsjs dcfaced5e5be1b64746adae4e4263ab7267c831c5daebd68ffb9e7280cf669c8n/a 
2023-05-16Srngplqj.jsjs 5b32582bfe73e95e31e9aeb3614ffbb462de69195a074015b8d4d98c571914f6n/a Quakbot
2023-05-16Caka.jsjs a988511960021d338305e0aabbfcd8f6138d7abfa7bd74763db78a37edf7dd4bn/a Quakbot