URLhaus Database

You are currently viewing the URLhaus database entry for https://pharmaciestaffing.com/mfa/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634293
URL: https://pharmaciestaffing.com/mfa/?1
URL Status:Offline
Host: pharmaciestaffing.com
Date added:2023-05-16 13:42:33 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:45:56 UTC to abuse{at}hostgator[dot]com)
Takedown time:2 days, 8 hours, 53 minutes Poor (down since 2023-05-18 22:39:13 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Fbovhlnx.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Deycm.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Iksc.jsjs d8eb60e98a30b1479ed7aeeba8c1acc24146560ebc7a8955a607f352b44d26bfn/a 
2023-05-18Yhmx.jsjs 4763068a93fa58650c7a913bb253b59fb9f5f7da3d041d28302d9d1b4d301008Virustotal results 27.12% Quakbot
2023-05-18Evfh.jsjs d307232640d2944029109ca441be49052d7c8d24590a54096c256c48e4d7da1an/a Quakbot
2023-05-18Vpindu.jsjs fe38571546fce56178ef24eac652a6bdb02adb17817e8381824c1e1039b5f642n/a Quakbot
2023-05-18Weqel.jsjs 6c9b5539e5f1f1b4e1d609c95278f2b4bd4386f4efc315a332648f1467d2b94aVirustotal results 23.73% Quakbot
2023-05-18Iiuhqool.jsjs 4604c9a02925f680aa68df7691aab5b247d61f74fa2c2c261a58ed40e9680327n/a Quakbot
2023-05-18Gamkdpoz.jsjs 8deae0dc00f63d06da4b8491f06c909682b192af1c7ae4467703241c34a509ebn/a Quakbot
2023-05-18Rgruphmq.jsjs 32710b418e9ddc449d0548590b62ac23975ad6efba53cc55cb1551326e182cb9Virustotal results 30.36% Quakbot
2023-05-18Vpqfsxxo.jsjs bb118ed7175733d7b31163818a3948e5e35d0e3ab3627a549e93cf6afa196585Virustotal results 29.31% 
2023-05-17Sjdcur.jsjs c3b7288bc652fda94fb09ac95870f66d2e355b6637b09d5c9fd1b7d64d660a52Virustotal results 25.86% 
2023-05-17Ivho.jsjs c7350bae160037853cf976ce2975bb3bf2a766449f69080fe67c733cbe18e005n/a Quakbot
2023-05-17Qklea.jsjs 6325a36db9c4fb5af943871bce9ae9c80002f6d9379e71cd94bdefe0342b14f5Virustotal results 32.20% Quakbot
2023-05-17Lisigdca.jsjs 1382bbc235ac7b5a2dd52d131a5789c7736d4f2a5d674e59c647d3aa92091188n/a Quakbot
2023-05-17Ldne.jsjs 8c4f0c45a34f4cd509c3354346e0db29fbbe4bd099e2b67de6abc88dde35081an/a 
2023-05-17Udzg.jsjs 759b7245c8f5cd0c5db7853442c740696c4a66caf8aae6a281b32f063f6c660an/a Quakbot
2023-05-17Zskzfjwi.jsjs 9079446bd4c7bd26e207e6897766f15bb65c2e6bd4802d253ec23072dff72e4fn/a 
2023-05-17Piox.jsjs e52423219235b487fa1bdbecc61e902ba4a8231db55f43324a936a6561d8b56cn/a Quakbot
2023-05-17Vfqqlo.jsjs 6d93bec9a4423e8e656e3ca0d4e90ce6fe48c3735b334f083340b60d0e50ab2fn/a 
2023-05-17Ubqmd.jsjs d86e685312f58eed63c5f41f1277f033e5d833cd538bdcede1e3039a6234d09en/a Quakbot
2023-05-17Awqiuihb.jsjs ae6ce37791c4a549ac2672eeb3a9eea467bc39121d9b218e16cb68428244311fn/a Quakbot
2023-05-17Krxaqnig.jsjs eeabe8c89b2e62c0238d10a63a61778523d72186b931dd2f574266b45ad94818n/a Quakbot
2023-05-17Kcgiityo.jsjs ac6dcc62a8b9d627edd5de172c8176063a5287b4f3de090e7906c7d0aff9271en/a Quakbot
2023-05-16Vfqxvlma.jsjs 4cb3dde45f01070a1cc4c3fb8643b32f48b67e0f072d78b5ba8fbfacbb1fc273n/a Quakbot
2023-05-16Wvpdkcv.jsjs 87a97a311873d31fc6878f378d7b88eaf2ca8850590033196ed4fd3cfed05fccn/a Quakbot
2023-05-16Oocoj.jsjs bf2417da0629ddc36ea9543f7e203c99d029737ad9cc179ec0cf78e7a709ac9fn/a Quakbot
2023-05-16Omitwtz.jsjs e021fecdf7550d7ad36110a06e4641d1d4745a4888c91d37a9707366276ce96cn/a Quakbot
2023-05-16Qffrrmte.jsjs 016f71c7053b9f8164b5138a9008268585361c83ab1e85afbc02b4c8a9563464n/a Quakbot
2023-05-16Wkpsqww.jsjs e4970662bbf3f0374cd1e83959fdb9556ae5cd037a63126c4c1543a211783da7n/a 
2023-05-16Lqobt.jsjs 0bd89986f92dbe6b8ac5488685f3debb837320ce336c6a10a4ba25000b18ec3bn/a Quakbot