URLhaus Database

You are currently viewing the URLhaus database entry for https://authenticsl.com/qs/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634753
URL: https://authenticsl.com/qs/?1
URL Status:Offline
Host: authenticsl.com
Date added:2023-05-16 21:52:15 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:53:41 UTC to abuse{at}cloudflare[dot]com)
Takedown time:1 day, 23 hours, 23 minutes Poor (down since 2023-05-18 21:16:41 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Jadh.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Emkdlekr.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Metwaea.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Gljtn.jsjs 1a3baf189a9c8c387dce093d08258804f48c1bbe41226cf6333b5195e2d196acn/a 
2023-05-18Zfukpmuo.jsjs 0692b014bee9b6b1a01cd4fcf3293e88388f98fb01460d6ffd2b3415d5de9779n/a Quakbot
2023-05-18Hjbyvcm.jsjs 40b44314a486ec7a8d570abd6d0edb8d6d9384e75de8dfd5d698783e701d3dbaVirustotal results 16.95% Quakbot
2023-05-18Wdpzcmim.jsjs 4779dbaf4f01d866b1dd6a2cdeb855c53a82951952ba41e9af73be849bc9116bn/a Quakbot
2023-05-18Jhdgry.jsjs b76a46e9b0db483e342c390f25663222fee2e67cb7670205636c7ee748850b86n/a Quakbot
2023-05-18Gvhrwc.jsjs 479435405ce11b58fbf16a8d7d4f3f1b2d8952718a2dd79f8c0e4ecb91176be8Virustotal results 32.20% Quakbot
2023-05-18Eianre.jsjs 17dcb0baeee21444da6b254c7dcd1d98989c6a0c089b8d79530a2c2a83dc34d3n/a 
2023-05-18Vpeixy.jsjs e0642fe2c08773c4f9cd1e58913df9c41ba972e034fb64016f0f078efca68bc7Virustotal results 27.12% Quakbot
2023-05-17Bzjavrh.jsjs 6cc345a8ad3df8d8da07821f31095f9c217201e0065038c5bb7e15aae14a9035n/a 
2023-05-17Hjhjui.jsjs 9aa3958dd376fcd792957165b53999bc05bdb411a0ea61e30b7787e1a7cdfbf0n/a Quakbot
2023-05-17Byakbap.jsjs b1c5cdb6f87ad0c3aacbf479218ede289571b85d30eb47defef749332b52c806n/a 
2023-05-17Oepg.jsjs bfbec36fede661575f19295dcf1df9ba2fa3f0ca817dd9cc5efbd152f86a999dVirustotal results 23.73% Quakbot
2023-05-17Usscrke.jsjs 753569ed5b6539685798c9810e39b6c67eab5c08103e0c79d4cc2f1c16cd8ac4n/a 
2023-05-17Xzszdq.jsjs 7de33bd597e2308019574ea948f706768bf2fbb89ea7392395d6cfd89909369dVirustotal results 25.86% Quakbot
2023-05-17Rpyiolfh.jsjs 16fe8055701bf9e829e70c4811b31fc75aec4d03582697ab493fd530e84ac6cdn/a Quakbot
2023-05-17Vzeiucng.jsjs fae292d944cbce727ece442aea7bb8ea4d1bd57bcbf49a3e3e2aa5f9edf19af3n/a Quakbot
2023-05-17Aieg.jsjs 5710fc26a14d76a471be63a24e1652d0526bd4d05c5300ca7e56fa6a3d5dcb20n/a 
2023-05-17Gehpg.jsjs 2586b23a8cfa03f859ff01bb146b85077f27d0e6efe7a4605a4c1e0a91bda15cn/a Quakbot
2023-05-17Lsznb.jsjs cbb801bac83172bd7769e88a0ac1f1ff8d72c628c3040eaabb55dcbee727f9c4n/a Quakbot
2023-05-17Yunjdm.jsjs abff64cda30df564be29f4eed51c9ba9a2ec027584726d34732c8fece6f61fa8n/a Quakbot
2023-05-17Vusunkj.jsjs 821434ce0dcb81b3c03f84e3ace042322794856177d45fd2625c7b4ce5a9006dn/a Quakbot
2023-05-17Ineernn.jsjs c707c7cc24faa22b90a83d2db6754a81f6fa95a281e960958139b54c6890e38cn/a Quakbot
2023-05-17Cevec.jsjs 4fe96401a04b451b99b007d5b46b086cb01ef09186bd6dcf7dd3b685ba9fc2b6n/a Quakbot
2023-05-16Nzzwb.jsjs 4de32fee4ad014f46717600fdf26ee8ef999cf300e0a66f0c9c9864053e1dfffn/a Quakbot