URLhaus Database

You are currently viewing the URLhaus database entry for https://redwebcreations.com/sac/?1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634260
URL: https://redwebcreations.com/sac/?1
URL Status: Offline
Host: redwebcreations.com
Date added: 2023-05-16 13:42:28 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU100116558 created on 2023-05-16 13:43:14 UTC)
Takedown time: 2 days, 7 hours, 43 minutes (Poor; down since 2023-05-18 21:26:19 UTC)
Tags: BB28, geofenced, js, Qakbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
