URLhaus Database

You are currently viewing the URLhaus database entry for https://besocta.com/tvu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634768
URL: https://besocta.com/tvu/?1
URL Status:Offline
Host: besocta.com
Date added:2023-05-16 21:52:22 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:53:36 UTC to abuse{at}hetzner[dot]com)
Takedown time:1 day, 23 hours, 42 minutes Poor (down since 2023-05-18 21:35:57 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Xrbtysz.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Mwpdmwj.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 24.56% 
2023-05-18Jhlnbu.jsjs 14c6083f8394a864aa79ce227d015b609ed01228e3fc30e37f7719b9383f7aa6n/a 
2023-05-18Duhmlv.jsjs 16cf6bcb57e5b6fbd88357c73a7c2e1fea2c60e1facf1122d4f6d9ef672f908cVirustotal results 31.03% Quakbot
2023-05-18Ksmx.jsjs 266bfb248bbfb5fafc879d0a26c731499ccb3de4c57b64ce4b3a3fc6f836b93bVirustotal results 25.42% Quakbot
2023-05-18Etadpe.jsjs f0ba5660e9ba7e62c93207a7b6fd775ee56ae1fa8dfc2ece0f169a6e96076681Virustotal results 25.00% Quakbot
2023-05-18Ciqgsroi.jsjs 6637cd86cb6d1780d474d49c347f8accc08a24f73ec7d212ecaa591e370d7e1dn/a 
2023-05-18Zkwosi.jsjs f44e30ffb57afcf688c00896ca7384786ee3ede05210094b66c6d9d6c83675e9Virustotal results 18.52% Quakbot
2023-05-18Baylxsuc.jsjs 555220330c615686c8a042f7d99f74d150a132b4d580ce95d1a7b6db412b77eaVirustotal results 27.12% Quakbot
2023-05-18Uuojgx.jsjs fc9e138d576712bb870d465c8c9568c010f3081a0cee5918a906d5f82a1dfa57Virustotal results 16.22% Quakbot
2023-05-18Mzor.jsjs 748288dd3065db0c33b5cd484c4347216a3780b90eedc58ea62491f9297a57d7n/a Quakbot
2023-05-18Espn.jsjs 9f16a38888bf7c130dfc15dff72eda59b2621e7c1048f157a4cf51e9bcb2e280Virustotal results 32.20% Quakbot
2023-05-17Pkiwul.jsjs bc85062a6ed96ba55f83637c5941ebb10dd8734a7486eb2e716a41e21578b347n/a Quakbot
2023-05-17Lbexgxp.jsjs cee11dd3e06833ff80c75ab19feaefb05e62b347d9ed97e9ecb8f4ac5a889f95n/a Quakbot
2023-05-17Zvqhsias.jsjs ced3c62c0b0eb34cebf34dbcc0ee8a52ffec9388cc383952b09c7aa421199a79n/a Quakbot
2023-05-17Grfpgqa.jsjs 1daf295e083f68a10f9527a63f47ad20185bc445825bbe8e6b92086996eeac2eVirustotal results 29.31% Quakbot
2023-05-17Hyvkg.jsjs 7f96290dff45385bfd8340f07e433e56831a66a593d5472a2ef8da6d665f355bn/a Quakbot
2023-05-17Cxobxpe.jsjs fb5908d59b642acad4cc8e4b40c8003da06b37e422221c358758d820f2c0a53fn/a 
2023-05-17Zeibr.jsjs 9c314b5f4a7743d21d097a67b5c79eb756c247e976ffb81a622b962243ec69f7n/a 
2023-05-17Attuaizu.jsjs 1c54be699629119cd290b1a68e941c7e5c9ee24d79059996cb4c328dfe81773en/a Quakbot
2023-05-17Kblcgtl.jsjs 8223f7f6187197586da0653721a31f4e24e0d260b16d233717774d6f289aa5f3n/a 
2023-05-17Crebw.jsjs fd4d0244ad247e414353f1e43cdf478f9e81944e96d55a2fac2f49d8909f87f4n/a Quakbot
2023-05-17Zqxmfcso.jsjs 50a81d963d087c4e02fc6268879eeb08f2aca91e307a9beca50b225e89adca1cn/a 
2023-05-17Vzssntph.jsjs 5815d6e45f991d1f1220f19a37c28d2a8ef2a1462421f1d007f1252fa3795d6fn/a Quakbot
2023-05-17Cmooq.jsjs 11c4df139b74608d028c5e8eeb4a524d080a5f7ac2fc0aee2f39f1258c4ca458n/a Quakbot
2023-05-17Kfovy.jsjs 97585425559c9121a14c4aaa8a435dc6af488404b6e31504a0cfbc3ac6da55a7n/a 
2023-05-16Sjthpg.jsjs 379fa0f162eae6d7de4cec22cad6abc48977a3422749db06e450db21c9e51f2bn/a Quakbot