URLhaus Database

You are currently viewing the URLhaus database entry for https://er-estate.com/en/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634852
URL: https://er-estate.com/en/?1
URL Status:Offline
Host: er-estate.com
Date added:2023-05-16 21:54:19 UTC
Last online:2023-05-18 10:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:55:38 UTC to abuse{at}godaddy[dot]com)
Takedown time:1 day, 13 hours, 2 minutes Poor (down since 2023-05-18 10:57:40 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Llht.jsjs f276da1a81b23b7f647bba9fedb53f4e8df35e0456b09c909184c6c45bcd9d99n/a Quakbot
2023-05-18Jmdqe.jsjs 36c1b7c7a1b5c11ac465725f40b235b232adb02f122a1d9d3210656cacf4ee3fVirustotal results 25.42% Quakbot
2023-05-18Bnhuamu.jsjs 78a09834bde88bcf04dd934a793540b810b090e90efb96a977c2477be294fc75n/a Quakbot
2023-05-18Rshafg.jsjs 9fb9192d902b2bec0253263ac7de12696284a3203d04c735faf491c94c94ed32n/a Quakbot
2023-05-18Jijuzfk.jsjs 0eb36df6ac7e73e53c148166b06b5c1bc80d6a92c1718e19711dfd219c02ffd2Virustotal results 25.42% Quakbot
2023-05-18Njvyp.jsjs 93492712919e0adee85ebe16363f99eb8fdbfe7f055f8645bf21322ce803cc13n/a Quakbot
2023-05-17Efsie.jsjs 6325a36db9c4fb5af943871bce9ae9c80002f6d9379e71cd94bdefe0342b14f5Virustotal results 32.20% Quakbot
2023-05-17Pbegg.jsjs 245d8b4566da1f99cc5bba4998955421b38764ee0718c94a6fe8019674ccfcd1Virustotal results 27.12% Quakbot
2023-05-17Lapg.jsjs 8ef706183443d30910cb1d411aa36e657e86119ff849b6a9edef4125b752bb92Virustotal results 28.07% Quakbot
2023-05-17Ktub.jsjs 506d6f7370fc1f1367a79bb76a39e5ed1e2c5113ca286350f3239788538fa80bVirustotal results 25.42% Quakbot
2023-05-17Axftm.jsjs 33f33ebc5ae78bdbf3a9afc064c64f1121c0214e1305d5567232cbc8779ab8c3n/a Quakbot
2023-05-17Srdr.jsjs a64cebdd853596ce95beeb112b9dfab6eab26ff09b77eaad1c909cb1b6cff48an/a Quakbot
2023-05-17Kwvme.jsjs 9b57a0a1ea9fbea6fc63b1a41a52f5dc8e9fa5facdff20d031096a0075e9c715n/a Quakbot
2023-05-17Lwxg.jsjs 3f883b067422272c3b10eea88505351741b599d103f66676cb75912106735cfdn/a 
2023-05-17Zkkpnu.jsjs ed175d3585ab2d387e6c4a9420d8aa055d62ef6670fbe83a0f66d5bfaf943a92n/a Quakbot
2023-05-17Einhi.jsjs 22f3d8c4b703b73b514db9e07885b382eefa1d2844a678020cbff1f6247a9cb7n/a Quakbot
2023-05-17Xoptspvk.jsjs 24057e1bfdcfbac41f10ac296a90f8209765631e62baf0bfe7e3acc69436ca17n/a Quakbot
2023-05-17Qicehjeo.jsjs 7cfa1acd4b095bef494e2e622c0c0c8e3007a03656bc6b10f2c0f71005f21f63n/a 
2023-05-17Tbdloojk.jsjs d3f6d265776784272ae8dcdaa9d74c660caad3bd556ccfbb07e0955aac41989bn/a Quakbot
2023-05-17Qamje.jsjs bec6ffc70c9f9a616d409ead3b9454f152b5f74759fe3c6ac178fb52a8312b0bn/a Quakbot
2023-05-17Lwyr.jsjs cae8f9a89c703cba6bfaa9e2b61ea29d57eb892f3cd7f796e318d227beddcd3cn/a Quakbot
2023-05-16Vjvwdo.jsjs 688ef61f980bba0af7e584a6d1a24be4403ec9dce06d4bcab822c3dfb04413acn/a Quakbot