URLhaus Database

You are currently viewing the URLhaus database entry for https://overnightvoodoo.com/uas/?1, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2635012
URL: https://overnightvoodoo.com/uas/?1
URL Status: Offline
Host: overnightvoodoo.com
Date added: 2023-05-16 21:58:12 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 21:59:53 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 2 days, 0 hours, 51 minutes, Poor (down since 2023-05-18 22:50:55 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
