URLhaus Database

You are currently viewing the URLhaus database entry for https://gngiglass.com/tqiu/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634928
URL: https://gngiglass.com/tqiu/?1
URL Status:Offline
Host: gngiglass.com
Date added:2023-05-16 21:56:10 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:57:40 UTC to abuse{at}bluehost[dot]com)
Takedown time:1 day, 23 hours, 12 minutes Poor (down since 2023-05-18 21:09:49 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Qjsgviz.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Meeocnpb.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Rvuxqp.jsjs 42493182f269318d70873422d8159bfca90531a259ec1aeec6bba55f2b748ce4n/a 
2023-05-18Zlex.jsjs 1518f10a4a3e1bb0772544083dd21336675b9248d73c59f8dd75068406de1474Virustotal results 23.33% Quakbot
2023-05-18Lmnrs.jsjs 78a09834bde88bcf04dd934a793540b810b090e90efb96a977c2477be294fc75n/a Quakbot
2023-05-18Klpsw.jsjs 1cd77905385f0c42fc817556a8df0df76650c7bcc4f1d670bfdf4cefe71c5d76n/a Quakbot
2023-05-18Obahgrdg.jsjs 5b03a98354c24b442061c45caca4e261ba88fe1d68187bd4c44f84773d562a6dVirustotal results 22.64% Quakbot
2023-05-18Aoilnyr.jsjs 14ce409dfb31225a9aa73965aca14ef09852a03cf69033bf2deac2a816796a31n/a 
2023-05-18Ongqjdux.jsjs 11ef57c233cd2baa14c4cfb9579839d381fbdec85d01923f9679f5ed21935f52n/a Quakbot
2023-05-18Wkobqbz.jsjs 60ac01b6dc615a190d4fd5f4ae9e67d29d9faf9784d997dc375bf3bc5affcbe6Virustotal results 30.19% Quakbot
2023-05-18Dymrww.jsjs 55de6657c16f6c71d27bc0cb38580d689241943b653c659ae89fd4b63fdc279dn/a Quakbot
2023-05-18Idycwxxw.jsjs 6003ec795de91a5d5a9a9abb15e037b5f4dcd8cbf43bac5330005fdda61c603aVirustotal results 25.86% Quakbot
2023-05-17Qdfg.jsjs a5f0035e2f6ab21d643775a304ea994d963bc0ad712a5ae1a9ebb1a5298f7adbn/a 
2023-05-17Tvaocl.jsjs 534fb18b08176440d03086ec406d8a79bdfaf1488c044a8355d161fd7e521950Virustotal results 25.42% Quakbot
2023-05-17Lxlxdfz.jsjs e82f04f537f593c6f5469d18db6332febdcd169b2dc920ed7619f9edab951f03Virustotal results 29.31% Quakbot
2023-05-17Cmeyo.jsjs 9487aeedb7473998494f4a53f02cd176e21f14043b6e2e75cff9016c277d0c0en/a Quakbot
2023-05-17Weyipaf.jsjs a7a7249194b741b44bab1befd74e783ba57af2f211b597961892dcbe975544c2n/a Quakbot
2023-05-17Eepiaq.jsjs 41a9ac47a4429134ce75e112f1d067da61f8dc65ee77cd9e494c9434cf179f12Virustotal results 30.51% Quakbot
2023-05-17Sclyqh.jsjs a99deed91507b2e0aa98b17753892aa733b12eed707f493c38359420a3a4f109n/a Quakbot
2023-05-17Wzfyzo.jsjs 39ad32929e0143d1c55f5f758baf5c7d9a880cb2f133cd8ea7757b94daddf014n/a Quakbot
2023-05-17Cbdj.jsjs faf294d74fe6437e255748b0197696c46195cf44fa00ae82d764cb3518af3a41n/a Quakbot
2023-05-17Wvulgg.jsjs d5c77e0cd42e2c8a88ff23047260f9ad1cd627017abe88961621eac149ac9896n/a Quakbot
2023-05-17Uovylmwt.jsjs 548b4f99cef809cf82a84a1e5ab45bed0c3076035f14bf0b20e9be39188e4d4dn/a 
2023-05-17Hfuvbqb.jsjs 8459ab307a5761a1ddc387b8bba3534bcbb08547ddfe32b95d2ffe58f10efb97n/a Quakbot
2023-05-17Xfrq.jsjs 6cf2073ff9c7c02b5ddcd135035f01be9735a1a6243f0aec301e0eb603ea974fn/a Quakbot
2023-05-16Arywwcnj.jsjs 66fcb1c2938d58bd7306e50696df73617f815b9f47df9572aefbd0c6ce3092b0n/a Quakbot
2023-05-16Eosbgv.jsjs 46cfd583a682713b11cb1b178ecbcc12794ded7c536679a57ac0d95c1ed331bdn/a Quakbot