URLhaus Database

You are currently viewing the URLhaus database entry for https://avscourierservice.com/etrs/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634758
URL: https://avscourierservice.com/etrs/?1
URL Status:Offline
Host: avscourierservice.com
Date added:2023-05-16 21:52:19 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:53:44 UTC to abuse{at}godaddy[dot]com)
Takedown time:2 days, 0 hours, 51 minutes Poor (down since 2023-05-18 22:45:40 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Kzcpzre.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Sgvmg.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Auxrfuu.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 27.12% 
2023-05-18Leulyc.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Pasap.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 24.56% 
2023-05-18Fxucl.jsjs e27ba6957f51b2c6e087a42db884f9d2da83509c905989c7014e88fbd201c0e6n/a 
2023-05-18Jekirdbo.jsjs 3f14bbee3c8ce3a67b5dfc257b5cff8e6f131ed1b17c77a50e705cb44af1c616Virustotal results 22.03% Quakbot
2023-05-18Bgah.jsjs f0ba5660e9ba7e62c93207a7b6fd775ee56ae1fa8dfc2ece0f169a6e96076681Virustotal results 25.42% Quakbot
2023-05-18Rnfrjdrk.jsjs 03cdab834b6a7165627af8e82df4d52dde740aa3481625a88ef76e122b7b2894n/a Quakbot
2023-05-18Bdkzfvdk.jsjs d8ee25b9b238ffa9197d9bb3defe47e9a2720909109c315f32b38191a4c534afVirustotal results 25.42% 
2023-05-18Tchk.jsjs aa49eea2c5b828df4f85742d3d76bc365ee6c18721795dfe567bd8be0b360d61Virustotal results 28.81% Quakbot
2023-05-18Accb.jsjs bb118ed7175733d7b31163818a3948e5e35d0e3ab3627a549e93cf6afa196585Virustotal results 29.31% 
2023-05-18Nadgzh.jsjs 53d2ace5dfd9b4384bcefcc9b7e2c0b6701053df124573ad3dc1044ca98e8398Virustotal results 31.03% Quakbot
2023-05-18Lhzs.jsjs b896df419a5e1ac8fe67ede2b9594d6252e8dbf87ef64fd093ceacc52a84798fVirustotal results 24.14% Quakbot
2023-05-17Yeiwkr.jsjs f6367e6003455bd5ec09ff23726731029805bd0357bc8cd5184dfe270962601cVirustotal results 32.08% Quakbot
2023-05-17Ziunxr.jsjs f4454d45458f3aaadcdfc328fc4107a6c670b1c0e04df1d476ca56e831b83818Virustotal results 27.12% Quakbot
2023-05-17Qjur.jsjs dc776fb044bb27e20a16f383ecdaa44a67be283f4902ddd48f1f6cffd24d036cn/a Quakbot
2023-05-17Qyuz.jsjs f1cd10870a25ff5450774a8498966cb5bddf350a269b79fee66a198f6cf3b7a6n/a Quakbot
2023-05-17Lothcgg.jsjs ccdc371fa95a2dc8192ecf73826f489942857addced0e8ce4b9aa969aa98381en/a Quakbot
2023-05-17Evpa.jsjs 31bfb0e9f32a6891aa3b4bb9c1caeefec664295de95b74eccecf9eb67a2b84cbn/a Quakbot
2023-05-17Wqqfrjl.jsjs 56e958c5170fa27748c823f1145b93644170f72706fd132b2dfeb286ccf1192fn/a 
2023-05-17Lmqmlr.jsjs f588a6cbc14b2ec270392f9ae260a28b3d8e97805faad13659e4fc37f51d8edcn/a Quakbot
2023-05-17Vspt.jsjs eb69d82e804e1e4d2247a901fdd9b84dcd0eae4fd3f55c1be02c93414f0a2ba3n/a Quakbot
2023-05-17Ndkkyzs.jsjs 12f05f6022e5f3b8d9dc9717e3c7b98e8aedd39b78483900f2d0aa44726e2e7fn/a 
2023-05-17Jniq.jsjs c217dfd702bb34cbfcd30e0f8f2f815aa3c49e26f2ddcac3069a5e651856df22n/a Quakbot
2023-05-17Wfwjef.jsjs d6fc1fa5059c5bd63bd5fba4579b256f2cbc37fcc13bdb3da1cd175c928db98bn/a Quakbot
2023-05-17Sambk.jsjs 4557ad2b2373456970f9d0c8a295098b13f9f3b3c7ac2948267b95ac9f7e439bn/a Quakbot
2023-05-17Osqrmgo.jsjs f787597fbc6b1efd547d572655fc2c7a118808c7125a2f294c41ef8e617e686fn/a Quakbot
2023-05-16Obvpqfwf.jsjs e17a02957e0bfc7781e665c60c4d8aa4abf69d9809e109a3bcfc82a605919179n/a Quakbot