URLhaus Database

You are currently viewing the URLhaus database entry for https://avscourierservice.com/vu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634756
URL: https://avscourierservice.com/vu/?1
URL Status:Offline
Host: avscourierservice.com
Date added:2023-05-16 21:52:19 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:53:44 UTC to abuse{at}godaddy[dot]com)
Takedown time:2 days, 0 hours, 45 minutes Poor (down since 2023-05-18 22:39:41 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Cxpjpd.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 27.12% 
2023-05-18Xemixn.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Iocwcc.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Xtkhgtkz.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8n/a 
2023-05-18Osypnm.jsjs fcddde4aefcc392bf143eaab986f85fa9fea69d7d232194ecf6c3080b8b60a1fn/a Quakbot
2023-05-18Kptlbj.jsjs 6e988a313f3e3723e109adec17cbf1513010e50c972114a245ebf3ed743e84bdVirustotal results 24.14% Quakbot
2023-05-18Ysphk.jsjs 16c00ed1c4eea2fca24d5ac64106a0261dfc36eb8ff64471f024d0f95efd140an/a Quakbot
2023-05-18Ekylomfd.jsjs 2ffe30857db286ab5839fb47499480fff446371b3c1f8df2d8dde6853266f088n/a Quakbot
2023-05-18Heudfmn.jsjs c3b7288bc652fda94fb09ac95870f66d2e355b6637b09d5c9fd1b7d64d660a52Virustotal results 25.86% 
2023-05-18Dhhfhjuk.jsjs b64790ef2bb214bf0fea83cb0aff305cd66dd38f065ab3cc62b9ddf5d3570eecVirustotal results 23.73% Quakbot
2023-05-18Mhlneky.jsjs c426bcba8c0bf1790fa05cb78d763ad67bedd1b1bc3eec6b4902700e097a1a0fVirustotal results 24.14% Quakbot
2023-05-18Phryhb.jsjs 576d80e7bad2be3b3f4ddb0ccbe067bceabbc990bb96e11007cc74c2d6ad7bean/a Quakbot
2023-05-18Aqcup.jsjs a3cc568085570fcadc8c808a54f2482fc606cfcc1e1ad374e88b6d8b8de6ae58Virustotal results 25.86% Quakbot
2023-05-17Eceqox.jsjs e1f86c377a5fb822c6704735ae1fc4f80bddbea822ee597fe99762e575e05ba2Virustotal results 25.86% Quakbot
2023-05-17Ojtg.jsjs 09d00cc1758af4e79c7a38e65ba9555ccb18dcc1f628a22c1d9bd5a337b03d88n/a Quakbot
2023-05-17Yvykclow.jsjs 17dcb0baeee21444da6b254c7dcd1d98989c6a0c089b8d79530a2c2a83dc34d3n/a 
2023-05-17Zlivd.jsjs e2cd2a44ac9c613f289c14a9d30244223f9949818db49dc69c73a5efc442a948n/a Quakbot
2023-05-17Pclwdqm.jsjs ca0444007c6c56cf207e9de8f069644d774953d9bc532784f55d5deebc62acbfVirustotal results 26.67% Quakbot
2023-05-17Ldvhx.jsjs b80551abdf45ba18befb113fb4c02517cb49680bde72f8ae92ef07e61857ec89n/a 
2023-05-17Nkek.jsjs b55a6ca9c8a74acc4ca8a783b66b6516abeb8f497e148ace06fcb4f53303a03bn/a Quakbot
2023-05-17Immvgvo.jsjs 82bfebbc6be96316b43c385dcde33d3a4b8b89df7ad0d1ee80b45e44aae20c26n/a Quakbot
2023-05-17Ynmofmvi.jsjs 7832e3302d4f73d6d896591843796b7522dd87efef54812f941378475e430108n/a Quakbot
2023-05-17Jdomi.jsjs 66d5085428bad33e53cc181f4a00edc25c7d2ce4390fb960b5aeae2715c36212n/a 
2023-05-17Wuctg.jsjs 376e32c4ee13afe955f2b1c83eec8a47d9ff84053ef6425ca4eebfce05564fb6n/a Quakbot
2023-05-17Kkdrry.jsjs a729ff11529b232815d43960c55a20bbb07fce3a85303289c48760dc806d35e0n/a Quakbot
2023-05-17Mszs.jsjs e2e6bdaed062e061797a2554f1cd38a7b62cbe414bec4e9f38447278423e0a43n/a Quakbot
2023-05-16Oyqsqx.jsjs c65b35ce7e5ac70af306f1f059c261290ec55508e9b4db7c0ff27fb88c152249n/a Quakbot
2023-05-16Kgirqyp.jsjs 127a0174aef217ef7e96f8f0d2038cd472329ae29a1671acad7e5fd8f2425c06n/a Quakbot