URLhaus Database

You are currently viewing the URLhaus database entry for https://neelikon.com/seot/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2634997
URL: https://neelikon.com/seot/?1
URL Status:Offline
Host: neelikon.com
Date added:2023-05-16 21:58:10 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100116903 created on 2023-05-16 21:59:07 UTC)
Takedown time:2 days, 0 hours, 7 minutes Poor (down since 2023-05-18 22:06:53 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Waxcj.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Yjguuk.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Zpysnphd.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Vujrrexx.jsjs f8835f9cb7a64745c00418de12c434287423b2a9d34621c4f5115d50dd4916b3n/a 
2023-05-18Buoep.jsjs 34af4640c3591095a1562606faa096b2cab669c17859f8b99df4321999b17373Virustotal results 22.41% Quakbot
2023-05-18Rxwux.jsjs 568dbf92f0bf53b20857f863e58e7f82287fe96c9dc066c782f5f82c64287a75Virustotal results 25.00% GuLoader
2023-05-18Izkl.jsjs 3c4d813af231229cc2b961a17a923de449a9f8d67439dd976effea73360ff766n/a 
2023-05-18Xtzeamh.jsjs 959eaab7d50ed2022fc6403b969a196f340861c5aafaa73ebd170ad225699275Virustotal results 15.52% Quakbot
2023-05-18Lkclmq.jsjs c2b44422f7f4e7dc1cd2abeab300413b55a00cd9d34fda7542a467dd852bafb4Virustotal results 27.59% Quakbot
2023-05-18Ypys.jsjs 41a9ac47a4429134ce75e112f1d067da61f8dc65ee77cd9e494c9434cf179f12Virustotal results 30.51% Quakbot
2023-05-18Ekfu.jsjs 64dbefc6ce8b2caf9b441a36490ebed30319eed28e49ddf95d43659494906f10n/a Quakbot
2023-05-18Eivvai.jsjs 09d00cc1758af4e79c7a38e65ba9555ccb18dcc1f628a22c1d9bd5a337b03d88n/a Quakbot
2023-05-18Yjgqa.jsjs 55958c9aef4b48e1d2648546d04249950dc900677dbaa6883bf95cc5db2df09aVirustotal results 23.73% Quakbot
2023-05-17Gymt.jsjs 1c70b83f5b4051ac542278897c3b02f334291507f01f685e95893c574241e6b2n/a Quakbot
2023-05-17Aywi.jsjs b19665dd5f7dbec102ef5c751b9f86dbe37003d54eb666e3be898351373a0486n/a Quakbot
2023-05-17Ybqd.jsjs e98ab08e4897807987344800297aa41a72fc207a57b0e89510243b3b8ad0e144n/a Quakbot
2023-05-17Nlzfsm.jsjs a6974773e37cbd56791b75effa167213997aeaaa65d704bd1de8aac6d9dd42ceVirustotal results 30.51% Quakbot
2023-05-17Rcsxzycj.jsjs 34d43862c3788ec764c7fb735ddcfc1f1712a66632a3bf7e8b83cadc98a6faacn/a Quakbot
2023-05-17Prewweb.jsjs 045992c79159eb77f091574e8b538cc818850380bcd5fa8e5963b1e95d72f6a5n/a Quakbot
2023-05-17Rsvkmh.jsjs 491f0691a306c9fd41893c3f9e76fbd5bdbf01625f4a80a8611c98f99f76e247n/a 
2023-05-17Sltuggl.jsjs fb043d34aeb4daa328a8caa40dbc8ef41a481914a743dcbb77552c593432569an/a 
2023-05-17Giyc.jsjs 5d04f1ca45c72bf2a8ea7d173c3061c6cdf7086c337a44db8623aa1048b03f23n/a Quakbot
2023-05-17Exosv.jsjs a9c8cc94fbf90580384d59cbf607152e319ffec3e69b2dd4e4682e38097f2569n/a Quakbot
2023-05-17Gwphnaf.jsjs a77751ec168a5ad89989bb9e4c1b2b8543647b6962cb2dad05469ddf2b0f1d3an/a Quakbot
2023-05-17Asgrlmi.jsjs 12fcd62e1027c9c9ce2b880c1c9965a2d0a5121d4750e8adf908226c66941139n/a Quakbot
2023-05-17Chgwkfdn.jsjs a1a2a3b760dd2dcd2c87da150dd9f73eaf5536c9e3e0559d614c162154cb07d1n/a Quakbot
2023-05-16Djunrtu.jsjs 285bce9d0914dd5e0f44dfd154b6ab1216991dee6d8a115479ba8f3fdddee328n/a