URLhaus Database

You are currently viewing the URLhaus database entry for https://ia-bc.com/ri/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2634927
URL: https://ia-bc.com/ri/?1
URL Status: Offline
Host: ia-bc.com
Date added: 2023-05-16 21:56:10 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 21:57:43 UTC to abuse{at}bluehost[dot]com)
Takedown time: 2 days, 0 hours, 46 minutes, Poor (down since 2023-05-18 22:44:05 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
