URLhaus Database

You are currently viewing the URLhaus database entry for https://oilgasin.com/lo/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2633992
URL: https://oilgasin.com/lo/?1
URL Status: Offline
Host: oilgasin.com
Date added: 2023-05-16 13:14:49 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Status unknown
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 13:17:42 UTC to abuse{at}quadranet[dot]com)
Takedown time: 2 days, 7 hours, 46 minutes, Poor (down since 2023-05-18 21:03:43 UTC)
Tags: BB28, geofenced, GuLoader, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

Columns: First seen, Filename, File Type, Payload (SHA256), VT, Bazaar, Signature