URLhaus Database

You are currently viewing the URLhaus database entry for https://segusa.net/oi/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634278
URL: https://segusa.net/oi/?1
URL Status:Offline
Host: segusa.net
Date added:2023-05-16 13:42:31 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:45:44 UTC to abuse{at}godaddy[dot]com)
Takedown time:2 days, 8 hours, 59 minutes Poor (down since 2023-05-18 22:45:32 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Pdefr.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Gqfqzwe.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Jxoaelr.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182en/a 
2023-05-18Hgkdzn.jsjs aa49eea2c5b828df4f85742d3d76bc365ee6c18721795dfe567bd8be0b360d61Virustotal results 28.81% Quakbot
2023-05-18Dshxhqmm.jsjs 3d234411a958948cb4805e18eb29cd95fbd93086ffda9ed636c6d322523b5e80n/a Quakbot
2023-05-18Vdts.jsjs 8d8b15db563271d51b6caabd1d280fdd09e2262383534714503ad6903b1dd6fcVirustotal results 31.03% Quakbot
2023-05-18Hqks.jsjs e78861a712a577b61558f7ea9878b91e974692081e5daa5f02dcb5ff1cdc359aVirustotal results 32.20% Quakbot
2023-05-18Twqlqxg.jsjs 2878ea27fb0bf41510c5a442c350ea2d31a71ee4c1532dcabf74f79b9aa1b3f4Virustotal results 28.81% Quakbot
2023-05-18Sbksu.jsjs 0f8aac75339d21d38c89f545a30c35990759d0f0123017fad73ed0c8ce34b51cVirustotal results 25.86% 
2023-05-18Dovu.jsjs ca99a531b2e34c4f23683a2cf2f4a2e81bcb2cc4975ba287d0bc6ef71563472cn/a Quakbot
2023-05-18Pnqphb.jsjs 7a1083b3edcdb5d47bf9938417f339c556c4737e9886bb9cd51ce8eceb3dc5dcVirustotal results 30.51% Quakbot
2023-05-17Lnvilea.jsjs a581d1bc0926e4888a7d919a2ec529d51e03862bf784ac4cd4333e3df168d239n/a Quakbot
2023-05-17Ckqr.jsjs 1187259a79f3d0fa43b025751bffb4506d955db2a1072f8e61e3707c5250edadn/a 
2023-05-17Wcxgv.jsjs 0e6261c9c8d05c96074d71e8c45d5c3dbb78736803c84ec4565a0db8dd83510bVirustotal results 29.63% Quakbot
2023-05-17Beos.jsjs 719ff669cd7b0754e787346601124ede6c1238c49809ebd0d6b58a3bf4b5a9bcn/a Quakbot
2023-05-17Rcvi.jsjs 1e96a7079b653386193018082948ee18ee1ca517dd96395eb46b4d5e30507b87n/a Quakbot
2023-05-17Uttgpk.jsjs 4779dbaf4f01d866b1dd6a2cdeb855c53a82951952ba41e9af73be849bc9116bn/a Quakbot
2023-05-17Vrjfgirn.jsjs 5155a314d6e44ed6eb4d65e80d368d8bcd4e8674e293bce8d712b03395d22f6fn/a Quakbot
2023-05-17Zntuvzk.jsjs aa44f1934130fd6ce1244c9e71e7c101a6a9d20875aea75f39f4d1364bfb761an/a Quakbot
2023-05-17Pylempno.jsjs 39704b9a5e7e643e6d0f73d2575e3a2d75d54b954c5db9644a5d357372474953n/a 
2023-05-17Yhrziw.jsjs d2f901ad8902ecfe0cb0582adb163a89a2ebf4a642ff1965a1f2846c0b5fdd09n/a Quakbot
2023-05-17Eogxbp.jsjs 3d6071b54eac80df23283608fc77bee161c3af05d5dc150374b820d57580cf0bn/a Quakbot
2023-05-17Nydlwims.jsjs 44199b314a6ab4dcc6f0a1a3b3accd9b7f63f06f5e99b0de7ab411b21dfd13den/a Quakbot
2023-05-17Wfgezxaf.jsjs 6bdd10c65fa2b080aa7bdee0de90528499d64fc855cef8246ea41f3d494742bdn/a 
2023-05-17Uwux.jsjs fb17efe79d4f3f624d77bbfd86d1312e8f5d680a4a1b82b8f5cfef5571b23c29n/a Quakbot
2023-05-16Zfem.jsjs 3438160c82e8b88b0222b00db62e1f17c1a67658a9c8530c2d3de75f04079200n/a Quakbot
2023-05-16Stqvk.jsjs 86b22625ec55eef8a8f0235a65a747533fa20f14a438358595f60dfa1b55acban/a Quakbot
2023-05-16Dejfmfff.jsjs ad3c7d6efa3eca10ff9e1fdece8867481d30f55c3fd34107b0bde987a645b5f7n/a Quakbot
2023-05-16Hkeu.jsjs a843cbc16c0605389e116918c1c45ebfdc4e27b10ca3b7230ee8aac3e5ef1557n/a Quakbot
2023-05-16Kynbh.jsjs 7d8a0b73cee5549367084a04513eb8af998b23e3a2db40420012c4255e421455n/a Quakbot
2023-05-16Gdrbxdod.jsjs 1d8a115954b3246dc055fd8da341f726d15ca2763295bb8a638322c25e15c0f8n/a Quakbot
2023-05-16Lmyesn.jsjs c5e96f29ad010124a2ded2054097a51b2c9c6c5e26f1d1d767857d99b2487c6cn/a