URLhaus Database

You are currently viewing the URLhaus database entry for https://co-legacy.com/oao/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633951
URL: https://co-legacy.com/oao/?1
URL Status:Offline
Host: co-legacy.com
Date added:2023-05-16 13:14:38 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100116527 created on 2023-05-16 13:15:19 UTC)
Takedown time:2 days, 8 hours, 16 minutes Poor (down since 2023-05-18 21:31:59 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Oquirtvx.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Pgfdpukg.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Cwzk.jsjs 296869c2b26b38f807c0445c68331a28b67be3de34638012c7ac373d583dc562n/a 
2023-05-18Brsggsse.jsjs b4a90889250c70642150c7b822ece35979290cb3664a5f778ccb8195b4c440ecVirustotal results 25.42% Quakbot
2023-05-18Qbnaihor.jsjs 8aa9df652c080c1ab6754cea7be1a61ae330512a5ddbc9af51177cbeb20da8e4n/a Quakbot
2023-05-18Ocrdp.jsjs a4d5af2c7491cf9e8c6fc213f49572749af1f591ad0e453bfc3770dd17d884dfVirustotal results 17.24% Quakbot
2023-05-18Aupiidmj.jsjs 64dff88a0434f88beb3fac1ad7fb2945b374f90e6ee2ee7322665681b945e790Virustotal results 30.51% Quakbot
2023-05-18Kycmkju.jsjs 6f1a5f81c661643e1367ba7f42de50ede7d8841c0eb4bd7e13f5922b8a539766Virustotal results 29.31% Quakbot
2023-05-18Ohkzpqr.jsjs 9be436ae8d8612af572358c0394b27e9c751e6f50b2597c2b7ae636e99088255Virustotal results 28.81% 
2023-05-18Atcj.jsjs 8fe6b80c39f345411e663560d164edb44cbf0ad7ba4914ba79f02bb403348f27n/a Quakbot
2023-05-18Luuj.jsjs 5195290a6bfe72d1709c08345d0210181ab60e363339796ef44c05a17d9c03dan/a 
2023-05-17Pxpx.jsjs 8ef706183443d30910cb1d411aa36e657e86119ff849b6a9edef4125b752bb92Virustotal results 28.07% Quakbot
2023-05-17Eggtjx.jsjs 749721b74088db119de7bccbe5cea0c9486f42bb570461ff262c5ed324b4ca16n/a 
2023-05-17Oplqgjyb.jsjs 4a2d1d02742e1dbb3fdee1d9ff6862a5a45e7920404df24a06740007d4b653d5Virustotal results 25.86% Quakbot
2023-05-17Jdzrm.jsjs 81d46bf6cc71d927906bc2a9ae29103ed6a1d3f01599e9736dd016267c874521Virustotal results 11.86% Quakbot
2023-05-17Uidqc.jsjs 26a9ccdd2cb5bd68aea8b06532a4945f8f6585f5ee8e03fd64c7dd7ba9bde535Virustotal results 27.12% Quakbot
2023-05-17Komwfouw.jsjs 3e80a8823bae07e1aca749a62a6da2c57f0f80ebb6d4a8cd1be2ea749d3af45cVirustotal results 13.79% Quakbot
2023-05-17Sbwrvrx.jsjs 2148fe2b647b8aa1006957e65de07d42e631ced18a21aa3d1aef1ad5d22ffae2Virustotal results 29.82% Quakbot
2023-05-17Gdpnpls.jsjs dd49f4bd134e3d669ea1daeb866bffdb27dd69e46b07dfc3b04758e718b40700n/a Quakbot
2023-05-17Gsykqzx.jsjs 1058953ca9ef03d67eefffa431b2998050b70e4e271a7ff578b9fc99ec97a42an/a Quakbot
2023-05-17Hwcxq.jsjs a5ad4dc55d28926ad256e94e8f66800b891da299d211acd5ce2f859aa4593726n/a Quakbot
2023-05-17Expty.jsjs 66280b24506c04bf528b4d17a99a97d9b76cc6c89e4ee6201ccd81e1a26d4c36n/a Quakbot
2023-05-17Apenaue.jsjs 5002cc0cb375025b869d05ed54899ff29268730d46a147a76bd5228e939a15fdn/a Quakbot
2023-05-17Vmiby.jsjs 06547c39200c2ca8e39196694ffb8736a6635d92e9e7c1c9d9c9d4f7e5538e67n/a Quakbot
2023-05-17Fnwrdxqd.jsjs ab1829adf96917a725c73905806e92fe83ebc202648947188d5ca48d0dee34a2n/a 
2023-05-16Qtawzm.jsjs 3116cd147019ea58f2c9fc79ef8466fa337d887bcb841cadb01f815a532024b2n/a Quakbot
2023-05-16Kbsy.jsjs a536903cebee6ba21a424c70acb896dcc37b18277ade0961cfacfab1578aa590n/a Quakbot
2023-05-16Zvedkwpc.jsjs 5dd0fac13c985735b06d124d9e3a5a55393b3c1a11003de17ece33ea6b4e7e5cn/a 
2023-05-16Ubmhrqnr.jsjs 66176a21203c5a4da1f9ee4950a2508085c3220f0c9ebe8aa96412bbff323915n/a Quakbot
2023-05-16Lbjkexhc.jsjs 49dc2047d1ee99a6eccbed14100137fa59537a9f371b359aefdc586fe31731a5n/a Quakbot
2023-05-16Jszukqrl.jsjs b455f08145a9473601d2d5750034786d98ea9acf9d1259e0276952c488e24396n/a 
2023-05-16Vzkxeqdg.jsjs e01f13e0ba2af18ea43fc0ca809ed3f46f390a9a4f0de93e9076f5de7dcc7e8en/a Quakbot
2023-05-16Unsunqo.jsjs 9ab21b1634088b602407046e4cb39c7c10ac6a873c23563aa084403d88f5f9a1n/a Quakbot