URLhaus Database

You are currently viewing the URLhaus database entry for https://gasak138.com/totr/?1, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2633720
URL: https://gasak138.com/totr/?1
URL Status: Offline
Host: gasak138.com
Date added: 2023-05-16 11:26:04 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 23:12:06 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 2 days, 9 hours, 34 minutes, Poor (down since 2023-05-18 21:01:20 UTC)
Tags: BB28, geofenced, GuLoader, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
