URLhaus Database

You are currently viewing the URLhaus database entry for https://gal-lom.com/aii/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634188
URL: https://gal-lom.com/aii/?1
URL Status: Offline
Host: gal-lom.com
Date added: 2023-05-16 13:42:15 UTC
Last online: 2023-05-18 19:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 13:44:25 UTC to abuse{at}tierpoint[dot]com)
Takedown time: 2 days, 5 hours, 33 minutes (Poor; down since 2023-05-18 19:18:09 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
