URLhaus Database

You are currently viewing the URLhaus database entry for https://gdpakistan.org/devi/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634873
URL: https://gdpakistan.org/devi/?1
URL Status: Offline
Host: gdpakistan.org
Date added: 2023-05-16 21:55:10 UTC
Last online: 2023-05-17 01:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 21:56:12 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 2 days, 0 hours, 43 minutes (rating: Poor; down since 2023-05-18 22:39:39 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
