URLhaus Database

You are currently viewing the URLhaus database entry for https://hesaplibiletal.com/luoi/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2633712
URL: https://hesaplibiletal.com/luoi/?1
URL Status: Offline
Host: hesaplibiletal.com
Date added: 2023-05-16 11:26:02 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 11:28:51 UTC to abuse{at}veganet[dot]com[dot]tr)
Takedown time: 2 days, 11 hours, 17 minutes, Poor (down since 2023-05-18 22:46:32 UTC)
Tags: BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
