URLhaus Database

You are currently viewing the URLhaus database entry for https://gasak77.com/uir/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633722
URL: https://gasak77.com/uir/?1
URL Status:Offline
Host: gasak77.com
Date added:2023-05-16 11:26:05 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-17 12:59:06 UTC to abuse{at}cloudflare[dot]com)
Takedown time:2 days, 11 hours, 17 minutes Poor (down since 2023-05-18 22:43:41 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Buyyif.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Vefvfsjc.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Tnsgznac.jsjs 561b0ee67efb2dd2a2b4a032ea9cd2e4c929f038696e9931146317432889f389n/a 
2023-05-18Dlia.jsjs a70e07343087b1341505ab67207e4f4d1170a7ae25f9b7c90ca2eab5663e3db9n/a Quakbot
2023-05-18Neevslq.jsjs 9f58336c0b0f6cde0a91dbee871cad45a315c5413863ef2b29affc9c949ee72dVirustotal results 32.20% Quakbot
2023-05-18Ktwnnh.jsjs 1f4c2a4e8c95bab7ff916109a3978612cf0969f85e9f00ded884776dda11eefbn/a 
2023-05-18Xoorv.jsjs 112fb3f4fda57d58405f842081f111d4f583c40ece7f17fd6805832360da7072Virustotal results 28.07% Quakbot
2023-05-18Gywoyi.jsjs b3c3f0880fe1ebd5b9f5146a8164da0834ee29a37e5a1cd8e534efe15c786daen/a Quakbot
2023-05-18Ashcnzc.jsjs f21a9095152b5a7124af37bde4000f76717ad002ec5e40bb2b86dc71839dabeaVirustotal results 30.51% Quakbot
2023-05-18Lysonfuq.jsjs a4633a3bade267edfd4e6171fb238320ca7b8fc6ce56403954409c8af38c4ca5Virustotal results 27.12% 
2023-05-18Bbtut.jsjs ca0444007c6c56cf207e9de8f069644d774953d9bc532784f55d5deebc62acbfVirustotal results 26.67% Quakbot
2023-05-18Sugdh.jsjs 0473836cfc335949eae38f3049dd3932d818dc6cbbe8c178f72c74370912d088Virustotal results 28.81% Quakbot
2023-05-17Irok.jsjs 24579cbeb7c33196bff853d67ce422776e45c942b057519eb6a6c453ed30ac62Virustotal results 27.59% 
2023-05-17Ytsr.jsjs ccfd3d544f060b0b45133acf8df8a753724ec29a916820e53f6e7692dd785c8dVirustotal results 21.67% Quakbot
2023-05-17Wjztmder.jsjs 7444a90ab199f093f90decb6774077ad55440f5d3ef1a757b95d2a4a639e60b3n/a 
2023-05-17Qqvubwx.jsjs 41d25fd2c9445a58f5ae64b05b6042873508bfb85efe4b1b00c3c1b03c4f930bVirustotal results 27.59% 
2023-05-17Mzdjmida.jsjs 0107042269a76269dd71d3dc19e72a1759d421cbf33b9758b94f08c93f0989e6Virustotal results 31.03% 
2023-05-17Stubzrtg.jsjs b87903d0aa16eb59b3bd58047ae31f7e370cc478a7b6d952e262fe4e56abb4e3n/a Quakbot
2023-05-17Lfeehja.jsjs 3e80a8823bae07e1aca749a62a6da2c57f0f80ebb6d4a8cd1be2ea749d3af45cVirustotal results 13.79% Quakbot
2023-05-17Zput.jsjs 022a4d92a6ea785f7a29f055eda4898510439ce9a2213649cf1292c0ab0d9abbn/a Quakbot
2023-05-17Nixwpvzd.jsjs ecef9cb4c9355edd512a3e753deaea7bf99740851c60d7632761d10f8063ec53n/a Quakbot
2023-05-17Tyztljb.jsjs 14d993fc70ec600845fa40313cb440ea3bb73ab34d7a8ead820f30cb338cd95cn/a Quakbot
2023-05-17Sobske.jsjs 47f78d1ecf255332e5f6c253327d78d174fa3869c559eb4b33dafd7ae8900453n/a Quakbot
2023-05-17Txkz.jsjs 1c8a06df9e38dc2ac0f968f2c942be7a71571986872f92b728d2ef03eee7c247n/a 
2023-05-17Ppgw.jsjs eb952897310f0e1b84269816d93b840b421dd7dbb5066f3d840479a817ec6b50n/a Quakbot
2023-05-17Zalt.jsjs ac9938e0100acc64f791f61c63b12dddc5be6c0f654e3d225d80bfa84c6a714cn/a Quakbot
2023-05-17Uofxg.jsjs 7e0c24080369186b37d57a3072b3399ab9691ebfbd96ae7befcaf867c0c2ac07n/a Quakbot
2023-05-16Opnowaxh.jsjs e26a9d7c3ae49b0af4504aea58a35bba7b39110958c6c48520929519b2c337bfn/a Quakbot
2023-05-16Cryk.jsjs d06cc0b743ac707b2fdf79654d30b9bec05589be6c5be86af754cecfaff5d8adn/a Quakbot
2023-05-16Azvjito.jsjs c09d3440a038d6fbcaa68150de56289f41d0a11d46d89264362dca310792f653n/a Quakbot
2023-05-16Xylv.jsjs fbb7dafa38d48cb38ddb883b7f1c060aa1155514d158cbe87698d6da6b9efee1n/a Quakbot
2023-05-16Xsfvpvls.jsjs 32625042fc7489db58fd7627d2d313a5ff58427ec6a760712a07c31d20348fa8n/a Quakbot
2023-05-16Mupkr.jsjs 3b47cbd701e0331cd58231df3e2a6eb56d4168b5b5927b006ea211e539e3c67cn/a Quakbot
2023-05-16Wjbfpqd.jsjs 85f4671379092832ab5d64fc6a8b86b959065743d7d0fcd066869773032fdb15n/a Quakbot