URLhaus Database

You are currently viewing the URLhaus database entry for https://gngiglass.com/pcim/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2634921
URL:	https://gngiglass.com/pcim/?1
URL Status:	Offline
Host:	gngiglass.com
Date added:	2023-05-16 21:56:10 UTC
Last online:	2023-05-18 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-05-16 21:57:40 UTC to abuse{at}bluehost[dot]com)
Takedown time:	1 day, 23 hours, 38 minutes (down since 2023-05-18 21:35:59 UTC)
Tags:	BB28 geofenced js Qakbot qbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-18	Zlbidbd.js	js	c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021a	28.07%
2023-05-18	Zvdwi.js	js	1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0ee	22.03%
2023-05-18	Szemviv.js	js	6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59d	28.81%
2023-05-18	Pfzaax.js	js	91bc993546fabfdd6a6b108ba9399d1c3788ebfac7486df77f27ae80bec1cb9f	n/a
2023-05-18	Itilyee.js	js	1daf295e083f68a10f9527a63f47ad20185bc445825bbe8e6b92086996eeac2e	29.31%	Quakbot
2023-05-18	Aawqzou.js	js	2683122550edbc50a5df311f2d51a511e7f980332b26d307f6ed2babdab38325	22.03%
2023-05-18	Nnbvrndd.js	js	a357a8a9b62674cff6660b76659f4cd36ccd979d44937371bde57235d81c392e	n/a	Quakbot
2023-05-18	Coanlf.js	js	d2ecbbc4d10634ac3f47ce638df6c4302d7335ab985c09f6accdfe4df322ddde	36.21%
2023-05-18	Ueftmxbc.js	js	f463f7a1eabfcde6cac3157449992b10b752021a61c46392c383c0949c81a709	n/a	Quakbot
2023-05-18	Qmcajsqj.js	js	928455b0e6b3a04da2d4fc9cc17de42c52ae2a640937dcbc9a048f76050c138e	28.30%	Quakbot
2023-05-18	Cdap.js	js	c3e99de4200fa77aa025ca9c3691f352cd668d0a77b4f467305f66cb4f933618	16.95%	Quakbot
2023-05-18	Utxsyse.js	js	81f0fe1ef9b350d79e5c368c2f73deec42c5a379bfbbe52f88c1c79ee481b5e9	11.86%
2023-05-17	Vhqjh.js	js	6730ba9eb12acff08b5c019bd8587f2cecef533f14a7ca9fc80e7ed001bb903c	30.51%	Quakbot
2023-05-17	Pxdlfca.js	js	882f433be14420954cf276d10abb6b832e89ab1dc301d2d047538fab217afdab	n/a	Quakbot
2023-05-17	Payeey.js	js	93bba231e08381a78fea4f6623a38ef11130273ca9bad59f5132b68797d90d23	n/a	Quakbot
2023-05-17	Uyrf.js	js	b1c5cdb6f87ad0c3aacbf479218ede289571b85d30eb47defef749332b52c806	n/a
2023-05-17	Lqwxuv.js	js	6bf7410f1b32c7fad44030961607fb13ec400a2a008f5817485ba84c5c297175	27.12%	Quakbot
2023-05-17	Qikbpiop.js	js	f4454d45458f3aaadcdfc328fc4107a6c670b1c0e04df1d476ca56e831b83818	27.12%	Quakbot
2023-05-17	Hkjm.js	js	399c7eece18438ba4f325cfc3863d0603d1237732a310fa2124a136ff2a335af	n/a	Quakbot
2023-05-17	Easwkhq.js	js	a3b99e8c39ad9b207f02de2422a94864986aae304adc635dc0cda1b27ac9e322	n/a
2023-05-17	Youikr.js	js	f434c0b53e47d8a6ad9e25091e0240ce8e530bc232501a1ff5be4e0fbe986043	n/a	Quakbot
2023-05-17	Odwt.js	js	769c33a81f8628a35eeec860af833ccd2ac95f02c954ce38f292484670980eb0	n/a	Quakbot
2023-05-17	Mtfk.js	js	06e277f72f5a0e01394637f65bcb5204b014878303358251f0275d3750a30bcc	n/a	Quakbot
2023-05-17	Zkyjmcbs.js	js	a97995bdb1207f3c65edcec39c28b656c9353d35fd454220ee37c0569f86828e	n/a	Quakbot
2023-05-17	Qgjjjcv.js	js	8ff4005e7da209ddcd5299f21d58596bf6b4395f56e6bc5691777e06e781ca72	n/a	Quakbot
2023-05-17	Aqhidos.js	js	22fe94b3835c9633e707e67445b85a1753b3eca0ed782904e762a4dbe78633da	n/a
2023-05-17	Mdduoclq.js	js	7a57926e7d98996ba55469d3c7ffdb422eee2674818cd571cacc9afd3e5582d9	n/a	Quakbot
2023-05-16	Xwuqy.js	js	d0bd160130a552bacf91b66d685219df77b9dc6854284a5c777ab951fd98d7bd	n/a	Quakbot