URLhaus Database

You are currently viewing the URLhaus database entry for https://lesbonscontacts.fr/eo/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634005
URL: https://lesbonscontacts.fr/eo/?1
URL Status:Offline
Host: lesbonscontacts.fr
Date added:2023-05-16 13:14:53 UTC
Last online:2023-05-17 03:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:17:59 UTC to abuse{at}cloudflare[dot]com)
Takedown time:2 days, 7 hours, 47 minutes Poor (down since 2023-05-18 21:05:15 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Obqaeovf.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Ijxkf.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Vyshmrm.jsjs 06357d6dca8ba662f1e3b162bb7c7934dc192d476792d3ef008ab8f6bfd48d0en/a 
2023-05-18Pxtrqfr.jsjs 8f330d0bd33cae1207a38406d6db47ef79a72bd8d18681a4a0f3a3a33ec3e4f3n/a 
2023-05-18Uger.jsjs 03de8856a9267b9e96c1454bd5a13ff8d068076ae6a1b7ca1984367997fa981en/a Quakbot
2023-05-18Xnuwwzzi.jsjs 17dcb0baeee21444da6b254c7dcd1d98989c6a0c089b8d79530a2c2a83dc34d3n/a 
2023-05-18Ekrgtum.jsjs 2a95cf3c1e69da726dd11f2d5621a546ce89b168fa1cab3506197a63de008d69Virustotal results 11.86% Quakbot
2023-05-18Vponp.jsjs e7958ccd8a002219ae5c0a15fe85c42f33e3433270f0ba102d597f19a494e2e8Virustotal results 27.12% 
2023-05-18Mabhfeil.jsjs 7de33bd597e2308019574ea948f706768bf2fbb89ea7392395d6cfd89909369dVirustotal results 25.86% Quakbot
2023-05-18Clxk.jsjs 7fdeda1296a36cffb37a03dca1e25125b27333e53ead2391247d2790dffd0e7aVirustotal results 32.20% Quakbot
2023-05-18Bvmh.jsjs 13c75bb7b88d3903fbb5263103d8e12f736ce24e98fc6397eb0286451317c087Virustotal results 27.12% Quakbot
2023-05-17Mopf.jsjs 6d9b8f4761b3d2b4e1c031cece4e6ae593e6a9e7de18a01dd28c1235bf7900d7n/a Quakbot
2023-05-17Nwmvh.jsjs 9fe91aecf500ad9c63e2325310e5a0f358434ce9e04f697e1173ad6af1956453Virustotal results 25.42% Quakbot
2023-05-17Wcud.jsjs aa29c7434c1bdbe52fd461a295dac0931392a0852902d70bd91693bedfc48375Virustotal results 31.03% 
2023-05-17Icmrbtrn.jsjs 71399d25c8497d7f81c87b8f5ec8d5071d8a62ac85ee254638bf8d24feccc5adn/a Quakbot
2023-05-17Oztujm.jsjs f7b76f7e79498990be74945924e01e7f53e3b42e5be51e93dd0c4c7a5ecb47d3Virustotal results 27.12% Quakbot
2023-05-17Rpau.jsjs bbea073ee85951ed23e95e826bbf93fe5f1cd1885d0b88476ba2cd5a1e6bcedcn/a Quakbot
2023-05-17Atauxsvb.jsjs b9db0988cfc1418354e6e55c54e7346c335a55a40661a6907d35143a9f8f8f8cn/a Quakbot
2023-05-17Plhxf.jsjs 0c002b88627f5df1e7415950b066ddc51bf3e0f4f3ef5a2b01a266b2c4282ee1n/a 
2023-05-17Ywyte.jsjs bd57885bb0d24b46671edba316dd2b66d26015c4964dbddd19c1e8a5d7b68d31n/a Quakbot
2023-05-17Eauigmu.jsjs 64f3498a47f879cda91edb49af57cc1033501c1de1fdd3b17485cc6d7f0f6585n/a Quakbot
2023-05-17Hwqq.jsjs 1b6f8a0013011b34242560d8cd8ae9cdac95fe291d4088aa9b16517316c45546n/a Quakbot
2023-05-17Bujjhnu.jsjs 105535d919c90bc3aad1179ed8ca6317d63eda1fcf773d1ea2adf0e3c64c44a5n/a Quakbot
2023-05-17Qokc.jsjs ddabac8dda3adb4b1a5796dc01dd3fea9fa1f34e002e0718a425679606f830edn/a Quakbot
2023-05-17Nhkqvw.jsjs 89c544c3f3d081e59c107d239c508d2901f5df4dabaee02ab1e296feda2878a7n/a Quakbot
2023-05-16Whmyhgzl.jsjs d3181166f93a82f3af9178d1a6dcf55e39d7ee3334f5a3a2f22491c6679833een/a Quakbot
2023-05-16Xxyvztr.jsjs 2c44330f66e406afecff9520ee2089cc4da70ef9b588e922dbeaeb6abcbf9552n/a 
2023-05-16Mfwo.jsjs 285346db7e69c2fea4172dcbe11a6f031c87ba350eacf1041bf4618bb5a3d7dbn/a Quakbot
2023-05-16Abbmtpn.jsjs b52b6c74cdfd9d845721ccef16c7465b22edd96c618ad7f628acee9951b3f4f6n/a Quakbot
2023-05-16Bgxpfby.jsjs 0d5ba3589867a33c4510e4a58904cf955617e82eec90fe47ab8ce58da725a6b6n/a 
2023-05-16Jhdsrzr.jsjs 413cb716f91d7142245cff3894f4009b5623284f040fa094dfb095aa9ee4ad67n/a Quakbot
2023-05-16Hdilv.jsjs 38a61f54456f62568ae9150bc3735182b576896795bc4229ab4ffccab864d7b8n/a Quakbot