URLhaus Database

You are currently viewing the URLhaus database entry for https://newsvks.com/psci/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634988
URL: https://newsvks.com/psci/?1
URL Status:Offline
Host: newsvks.com
Date added:2023-05-16 21:58:09 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 21:59:41 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 0 hours, 34 minutes Poor (down since 2023-05-18 22:33:55 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Pefkcek.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Hdsph.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Mijeegmu.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 28.81% 
2023-05-18Rosmqt.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 23.73% 
2023-05-18Gmshwnkp.jsjs b8176598b3d73a24dd0b5171493b1159401fcb54a868a78ff1f1be72fe8d33f0n/a 
2023-05-18Iekdjp.jsjs fd32fe1312ed075ac00d30123df24382ead0744d83a1a8787e5f0303d68f70caVirustotal results 30.51% Quakbot
2023-05-18Tahwsmjs.jsjs a84a8c5338c73e889cff9d58c510657f8624b8deedf847eef71befacab5ed60eVirustotal results 20.00% Quakbot
2023-05-18Oqgubcv.jsjs 5284d5807da5986ffb17fdd9761066974cb34030eb5067e7f9a65e48b32f37e8n/a GuLoader
2023-05-18Yljnar.jsjs 874c90fd9f5dbc042d5e87dee75b68570376e628600a8d08dc1083545283052eVirustotal results 27.27% Quakbot
2023-05-18Rvsq.jsjs 70cbe6d0639705257a62be9eb8da5151af27830bf379d05aaffea8a6d1f49b39n/a Quakbot
2023-05-18Oxyqvof.jsjs 3a2fe931e43de04dd026f5fa57590b2baf3539c2930e6d9239ec3a95a1ec6bd7Virustotal results 32.20% Quakbot
2023-05-18Hlgxbni.jsjs cb6a65f1e6220e908455c9dfaf1b69114b9b0c5666dc2b80f597d2c1e4ab29c7n/a Quakbot
2023-05-18Rdui.jsjs 5fe1ce92222b0ef2d0fe599c26907689fbeb05acb3c14dcc9cd468d2db479a26n/a Quakbot
2023-05-17Lkdscved.jsjs 5b2d175b18348c26ef8ad20f51fdeb4aa6ab4076aa57cc05caa3cc8772385077Virustotal results 25.86% 
2023-05-17Mydmeqqf.jsjs d3174d21c0af8584eb01c73536a3c50de953ccf9c1486afb0e38c63e608d5342Virustotal results 29.31% Quakbot
2023-05-17Avlwa.jsjs f14437be247480b6af38f3ccdd4ba46e6e55eb7b3d706b8df711f63558b8703fn/a 
2023-05-17Sqozsoi.jsjs cb2b2c5c8e0ff33bbc082310f5ad09305fb6f7b7e6d660efa2c02393341d6fd3n/a 
2023-05-17Hijrzb.jsjs c1064ed6356f294c6981938454ee3a3712e5e63930c1554a3c1602eacbd6554dn/a 
2023-05-17Okutulx.jsjs a64cebdd853596ce95beeb112b9dfab6eab26ff09b77eaad1c909cb1b6cff48an/a Quakbot
2023-05-17Uzbf.jsjs 8606da04bfde5167153b443cd02810d744322d323d0033255f7cd8030193e0f4n/a Quakbot
2023-05-17Dyvsoib.jsjs 9e31e8e8feae5be7b013532a1413b5d8cb5b65415cc31671c49ca3b3ca77a09an/a 
2023-05-17Mtct.jsjs 7c6bc0441e7d3f1035b2c9f8112a62fc39de8601d1a70424f1072763e20c31dbn/a Quakbot
2023-05-17Qehmageo.jsjs 49f6010241f216a659936d2595dfe34d4748c681d3c8b897de172cf58850c689n/a Quakbot
2023-05-17Oixges.jsjs b0d89085933157e3cdbf04ce3f8817154d7506857204f97d51d249a514beab3dn/a Quakbot
2023-05-17Idgj.jsjs a140a16c6901f37ff16c16c5c14f80372dc03702a31ad5d2a021469be671de30n/a Quakbot
2023-05-17Woeb.jsjs 74abbd08d4ac44733626512e62ad2305263f56b54f4d656017254c5e8c3ee93dn/a Quakbot
2023-05-17Uvmgo.jsjs 80c1e476d5c8be401f9b11eae2dd06422f6075675202f21c6a8f9c5b9f816778n/a 
2023-05-16Juhsnf.jsjs 5cfe2492560376944e8aa0137a694e179010b7e3d6576d453e088fd61430e96an/a Quakbot