URLhaus Database

You are currently viewing the URLhaus database entry for https://mgservicessac.com/erdr/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634130
URL: https://mgservicessac.com/erdr/?1
URL Status: Offline
Host: mgservicessac.com
Date added: 2023-05-16 13:42:07 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 13:43:28 UTC to abuse{at}hostgator[dot]com)
Takedown time: 2 days, 9 hours, 1 minute; Poor (down since 2023-05-18 22:44:35 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
