URLhaus Database

You are currently viewing the URLhaus database entry for https://mymsa-eg.com/ap/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634572
URL: https://mymsa-eg.com/ap/?1
URL Status:Offline
Host: mymsa-eg.com
Date added:2023-05-16 19:12:13 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 19:13:18 UTC to abuse{at}hostgator[dot]com)
Takedown time:2 days, 2 hours, 54 minutes Poor (down since 2023-05-18 22:07:25 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Vkbswwdi.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 27.12% 
2023-05-18Oxvd.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Pvfcvhgm.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Hfiyvnqu.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Vkiu.jsjs d85495d41c8802bb8e4fb96392e9883403f1f697437fcddcb3342df2836658e9n/a 
2023-05-18Qqnotiul.jsjs 7e29b555dd10291e663446073640ea5519a3e38a3655264511bf14299c86dccbVirustotal results 24.14% Quakbot
2023-05-18Ibmajer.jsjs 5382511d86a2d24fb5f8fcb921bbfd21b64b9c071494bcfd096e738c2464ebdfVirustotal results 26.32% Quakbot
2023-05-18Erlz.jsjs 1f3d3d34fcd02bfbd9eba7becc4eb01342dffb209af4971f9df25374411cd1a7Virustotal results 28.81% Quakbot
2023-05-18Gkrt.jsjs 0b5625e5e6c8ca17119f220fef0e5b08313f77e79294375e8b2c57d9bdc47ca9Virustotal results 25.00% 
2023-05-18Pgqoqtra.jsjs 028981687a2254e22ca965537b4ed290d1dca3b0b682da744c55d1763c98565aVirustotal results 32.20% Quakbot
2023-05-18Nrtxhgb.jsjs 91f2349ddffafc85ec07721077d9d38a2ab0376beaf588950fe98bb16d3218efn/a Quakbot
2023-05-18Gsro.jsjs 2ae770725a34857b3a2ff3821341d0b0363c401b4588d1bd1ce75048f2b83a18Virustotal results 25.86% Quakbot
2023-05-18Cijxmzll.jsjs b896df419a5e1ac8fe67ede2b9594d6252e8dbf87ef64fd093ceacc52a84798fVirustotal results 24.14% Quakbot
2023-05-18Xnwxcd.jsjs b65cfc5c1f188f590ab7d7d6a20d1ea638a086a9be61e3442b6ea9388fda3c0cn/a Quakbot
2023-05-17Lsnuutbm.jsjs 6b64266f2b4feb2f9f045a12882dd0a54819e4eb7d840e0c0c092944b0a8ef11n/a Quakbot
2023-05-17Yrjl.jsjs 56e7ef28abd5d99579c0cda0cafc94f64335c3b99a2c4a88b27c75bc943583d6n/a 
2023-05-17Eazw.jsjs 55de06acc13c3b8fb3ea954532b87c6283eec6472441480e92d849103b3c6688n/a Quakbot
2023-05-17Tjfkue.jsjs 8ee5d86b74cd803753d211be4c64578d8d39e7dd487d114bdbe044505063bb7en/a Quakbot
2023-05-17Shxskxy.jsjs d188bb106c47296a6f358dc69226ce3c9b48abe1399e7cf924fc4afa813b1505Virustotal results 30.51% 
2023-05-17Vcreqyob.jsjs c6712a15900f7986ac9ad350dec34f50284b50e708bdeb42e320d99659f8d46fn/a Quakbot
2023-05-17Rrbn.jsjs 6fc84f16bba8f14130cc061d7ab41c424fdccd71398b2bd8c1f4300ffffe8912n/a Quakbot
2023-05-17Jxsyhq.jsjs f7c194f5481e43725e25633987bef40a6d5d70b8fbe1d86cceae4fd0a51e877fn/a Quakbot
2023-05-17Qbpl.jsjs af5cc07b554367c8b6b7c93329331fb6be212e56a281ef83dab962bf1a791399n/a Quakbot
2023-05-17Zmkppv.jsjs f04c1b36ede1f0d0dea2b3a42a17c01393dcb37bde4fec14b36da0c84b7931e8n/a Quakbot
2023-05-17Nkpbn.jsjs 32db9e605c9e059ef9569e59f713dbe0cd36587a139bcc2ccee5d2e83b0b07adn/a Quakbot
2023-05-17Sfifkzj.jsjs 30add9ab7943df9b3b9c76afe9978fcc08c16e2ae3463d2ded614227d28d9227n/a Quakbot
2023-05-17Zdtaocds.jsjs e6e44f342df4d969a101f776ab339b96437bc072f802ffc774244edb3cc390e9n/a Quakbot
2023-05-16Anua.jsjs 97d68fa27acff0767c7810dd11c1a613b11fd40f72d342b445c20961c95003d4n/a Quakbot
2023-05-16Hriys.jsjs 1ea59399bebe42dca51fc40672a1f9c4faf18b24d73c088763a3bf6039bb6913n/a Quakbot
2023-05-16Fhnoipvw.jsjs 863803eac56c38ef1ae04ca9292a957a21cfc55368a52022e1d2562b96a9c5e1n/a Quakbot
2023-05-16Qozqtz.jsjs 282113880def8559919855776e7de09ad70d6c37e6d65265fc73a7cadee6bd60n/a Quakbot