URLhaus Database

You are currently viewing the URLhaus database entry for https://lujorsa.com/eur/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634155
URL: https://lujorsa.com/eur/?1
URL Status:Offline
Host: lujorsa.com
Date added:2023-05-16 13:42:10 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:43:56 UTC to abuse{at}hostgator[dot]com,eig-net-team{at}endurance[dot]com,jayanathan[dot]muhunthan{at}endurance[dot]com)
Takedown time:2 days, 7 hours, 34 minutes Poor (down since 2023-05-18 21:18:08 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Foedghu.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Bxjxrx.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Zsubv.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Ompgqmnd.jsjs 64af7fb80648034f3a95ca09c688b9c4158ebf41507daf85a06cd05f8ecf972fn/a 
2023-05-18Pjmvjm.jsjs 47831ca3235332c96696b1add7425b7dcb044b9de06934992957a5e00cb4dadcVirustotal results 25.42% Quakbot
2023-05-18Upsnkg.jsjs b7a9d786648f1049f8c0964593b9fa3983e6066f5674ff98d438cf5ec9d592f4n/a Quakbot
2023-05-18Rozcndd.jsjs 934626b333d14ccf5c2f3a3effc073bba69fea3effa6d474f19bc48281dc9013Virustotal results 27.12% Quakbot
2023-05-18Mybvwf.jsjs 33e5253fc3841fb30d4467ba7144f20b94bfb5714befb85aa32837899b33859bVirustotal results 27.12% Quakbot
2023-05-18Ejptfff.jsjs 90fa0f56e8df4147606c0590d9bf8794253f48339dcf3295c0bd6d7b2dd0664an/a Quakbot
2023-05-18Booi.jsjs c183dc69a6e054260b5800df8cb1bdcf33338ca9f2d92f1b6d2161ca1fa1b850n/a Quakbot
2023-05-18Ohgbq.jsjs 5284d5807da5986ffb17fdd9761066974cb34030eb5067e7f9a65e48b32f37e8n/a GuLoader
2023-05-17Mjbw.jsjs 0b38200ce89d27eea5fb23346b4015cb585d0af5fd4f176a7c9bdb20ae369a4eVirustotal results 25.42% Quakbot
2023-05-17Dhpg.jsjs 15284b1502dbf4c84ff0c772b1ae8788a56987a2e9cda8ba27208e57da59e8a0n/a Quakbot
2023-05-17Tdgu.jsjs 80ab380263a5873a2a0e5bf0f6970a2c5a2f1bb6ced244bb881a685269c5d92cVirustotal results 15.25% Quakbot
2023-05-17Oapssjk.jsjs 356f8c2ebf3f6ab97ed37e1195e6ccc8d5441e37c038c0c09c7f481b5aa205den/a Quakbot
2023-05-17Znveu.jsjs b11ddd3e32db780631dee2546f8eb8498cf1976976b4f9b6229279881aff3e12n/a Quakbot
2023-05-17Tgnp.jsjs 5535886c2abea9122c385b0ba07688494a42109c0aa0c0425a0a4889abeba9b8n/a Quakbot
2023-05-17Eusio.jsjs c45b3d3bf95e3ad7c874dc0564bda71269b18a953725ca198b840f9def57a997n/a Quakbot
2023-05-17Cahzz.jsjs 11133fbe7f1c28bbaf68a1338baaba02013007eecf0794511bc167cacaef95den/a Quakbot
2023-05-17Hitf.jsjs 0e4c3a6f086c47f303650ecf3c20ec43225c3e80f8b8927be3a6d448507e265fn/a 
2023-05-16Xwnp.jsjs fd576f0ae7d4dc1eb30a93a75103e264fbc5a02dcb4737d729a4d7f8339b9b26n/a 
2023-05-16Ygdtky.jsjs b6babc602815bcb6e3f09ae1e731f3bb66fa7d3081d49df4d2597634fed96bfbn/a Quakbot
2023-05-16Xugxv.jsjs 67cd7ceb5526c7708f1e88c47d0ff1b436279ddb58393a243be413ae82759111n/a Quakbot
2023-05-16Fnqmkt.jsjs d5a62a4342e075995abac1ae566f168cf295efdb201f281e95830e4bc3f5f0b0n/a Quakbot
2023-05-16Umdxsphb.jsjs 901f92b5d910e215f7df6b0cb152ed42b417649eef34c7cdbec9a5c7adccd2e2n/a Quakbot