URLhaus Database

You are currently viewing the URLhaus database entry for https://bestgacontracts.com/nosi/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634255
URL: https://bestgacontracts.com/nosi/?1
URL Status:Offline
Host: bestgacontracts.com
Date added:2023-05-16 13:42:28 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:45:22 UTC to abuse{at}charter[dot]net)
Takedown time:2 days, 7 hours, 26 minutes Poor (down since 2023-05-18 21:12:13 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Cqurfww.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Qoekzs.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Bnbccdn.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Zpali.jsjs fa113c1fff577ff3c7af27029f93fe74918ca4ceaa0b3f51f8d943a02cb290den/a 
2023-05-18Ompa.jsjs f4915f167c3fb3624d4d085f3c8bed83ad6edb3d7f55c9b9bb17a4f06111e131n/a Quakbot
2023-05-18Yofgicvo.jsjs 61ef6ef0f9ddc3b6d4b8201a85d35c7ce79058c5ccbb5ccb51e68f15898a3bf9n/a Quakbot
2023-05-18Xlrlglz.jsjs bb62ccf9fa803df4844b790350de975a1f8ea136f9334e3563a5e8ecf4d9b601Virustotal results 25.42% 
2023-05-18Igvvimxi.jsjs 70a531a610e47641bb1c9aa721282178341c6ccae5578f0ba31a38cfc5cad76eVirustotal results 27.12% Quakbot
2023-05-18Zalsdura.jsjs 971bd37b998eb4ec97738fb7c5f921bcf1fe5ca6625167693aff2cb06a748e7bVirustotal results 27.59% Quakbot
2023-05-18Bznizkrk.jsjs 60ac01b6dc615a190d4fd5f4ae9e67d29d9faf9784d997dc375bf3bc5affcbe6Virustotal results 30.19% Quakbot
2023-05-18Amqvnz.jsjs 8e13d078cc5a623e77df862498a637bd089487d45c2af8d1413f79f59d94dea3n/a Quakbot
2023-05-18Qvrp.jsjs 7524d906b4d42ae7fd1e5e15cb503e8b54fdc1afa702a0b4e4c5f1d6f99edd1bVirustotal results 30.51% Quakbot
2023-05-18Xflcx.jsjs fb2bca8ce3aa4207fc636e9ebc34bb47cc0d9b6a233352bff3b6875b6bedce3dn/a Quakbot
2023-05-17Weslvkqm.jsjs 07cd66f1c775da49daf409f335ec5d0189ba991d2e66c33b01708efe1934e0dfVirustotal results 27.12% Quakbot
2023-05-17Bjehmots.jsjs 7c13bc2d2d42fdea47cb32e74e359fa9939073a81098e801e04a6daaee5e9ff3n/a Quakbot
2023-05-17Sdvuyal.jsjs fb5908d59b642acad4cc8e4b40c8003da06b37e422221c358758d820f2c0a53fVirustotal results 23.73% 
2023-05-17Axggd.jsjs 6f741f3bd19d3433e0618cd31b85f73aa09fb1dfe670c9e5a8e0ec01cf274495n/a Quakbot
2023-05-17Jzosqqn.jsjs d6e5d8bb312aa607d892cd90a910040c5ff30ee3a76f41fd9c177f3c09b59f21n/a Quakbot
2023-05-17Kunkvo.jsjs 928455b0e6b3a04da2d4fc9cc17de42c52ae2a640937dcbc9a048f76050c138en/a Quakbot
2023-05-17Ymbsihlq.jsjs 1c9e3b7a095019cb31fbd75a15f66635aff3a9d9aedba8f2cacfb3e39d170df8n/a Quakbot
2023-05-17Tixszt.jsjs 147a72548c1bf9a68828f98c8b2275c7f1d009e83ce49679f11e4381548cf707n/a Quakbot
2023-05-17Qsrjfhw.jsjs 19b840480d18fc3a8dd3228d695d7b2700c8a48ca09c3514b2c908b2488136e6n/a Quakbot
2023-05-17Wuleg.jsjs 6aa16a36b0f6e61f989b83f101a5b5add325ffc3c51f486db1f0ba1d0bd83a0cn/a Quakbot
2023-05-17Qmrxsqbl.jsjs eb1ad484e6ef45abc2bded52fcd925f30d6ec3d66e492eaf582132057c0dd3cfn/a Quakbot
2023-05-17Ucsa.jsjs 335d0b0eb5585e7298b127a510ba3ec119fc9196e94b0593407ec9dcc08ca8c5n/a Quakbot
2023-05-17Npdqmdyo.jsjs 620e074c4cdcc9543fe267ce517d3db1f8c4ae7c850c35f8aee96c3c27565c51n/a Quakbot
2023-05-16Doqmtc.jsjs 6d8868c66613204f1e7503c00c123c123619c5a4a1c9330ce5ea85afb741a816n/a Quakbot
2023-05-16Mgcz.jsjs 97910e0a93c79968bacc7f1640537b799d451e91f15a78702cd6a0c8ba7526c1n/a Quakbot
2023-05-16Heylgzz.jsjs 81817da3895555c699de40cec24c52b315e1a29aabce5ef946d50aa09b755108n/a Quakbot
2023-05-16Wadrii.jsjs d7539c3cfdf6114f02a73a7e11b6c1807e9a1bc655175fbf4997e155306796bfn/a Quakbot
2023-05-16Weral.jsjs 11402b2dc5c9141524288c0dc894c1082578b1d20bed179c2630e4638350346cn/a Quakbot
2023-05-16Ngyh.jsjs e53aecd6c00a0e2561d33608f82ed9c6a040a1f858eec940b88e6a924e19d860n/a Quakbot
2023-05-16Jkpypvaa.jsjs ba982b63469b0d05b94e65b4ce4932f3014b162f76a2df72a4cd5e54db46c9bbn/a 
2023-05-16Qhfkqjqk.jsjs 7e8c8ba4f4da168910d5892f978e9125d44863a100f183a9c7a2dbc8c9e9333dn/a