URLhaus Database

You are currently viewing the URLhaus database entry for https://raydansystems.com/sqq/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635033
URL: https://raydansystems.com/sqq/?1
URL Status:Offline
Host: raydansystems.com
Date added:2023-05-16 21:59:06 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:00:09 UTC to abuse{at}godaddy[dot]com)
Takedown time:1 day, 23 hours, 14 minutes Poor (down since 2023-05-18 21:14:43 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Gbiswek.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Nlgvsb.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.33%
2023-05-18Stslug.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Gdsqxc.jsjs ff6c86b86f00f452e357729771845d39f6e477dbb4608cefb2f95f8dac06f3c0n/a 
2023-05-18Mjrlmu.jsjs c977474e11ea0066144f719c48b4f2d5ae32da3a13eab7d64cb3433546b8d738n/a Quakbot
2023-05-18Uwkydjf.jsjs a5e07fd19c36096b65281a4da6788fdb724e4cc4be6fae21497a969c1255a622n/a Quakbot
2023-05-18Uoxggod.jsjs c63bbe3dc673315fe3da91f26e53709a754546f9d2fe9fdbbd7dfebbf28c116fVirustotal results 23.73% Quakbot
2023-05-18Gnrmiq.jsjs 32710b418e9ddc449d0548590b62ac23975ad6efba53cc55cb1551326e182cb9Virustotal results 30.36% Quakbot
2023-05-18Vakpy.jsjs fcddde4aefcc392bf143eaab986f85fa9fea69d7d232194ecf6c3080b8b60a1fn/a Quakbot
2023-05-18Npwqqcb.jsjs 6cc345a8ad3df8d8da07821f31095f9c217201e0065038c5bb7e15aae14a9035n/a 
2023-05-18Sqvbg.jsjs a99deed91507b2e0aa98b17753892aa733b12eed707f493c38359420a3a4f109Virustotal results 25.42% Quakbot
2023-05-18Blqsvsxw.jsjs b3c3f0880fe1ebd5b9f5146a8164da0834ee29a37e5a1cd8e534efe15c786daen/a Quakbot
2023-05-18Pmjud.jsjs 4ec189841fea600476bff49f643d0877dcdc3e3050e54e56abc5a7c492ed00dbn/a Quakbot
2023-05-17Vmdyos.jsjs 8116e7914df0a4fae9adad12da668660206754557fac016131c53fcd305d537fVirustotal results 32.69% Quakbot
2023-05-17Tsmsi.jsjs 8e028afe5e530bff241456519d98c4afe35e4e8432ca6929cb4a327144ecb765Virustotal results 29.31% Quakbot
2023-05-17Fwvev.jsjs ceb8cce48cb241bf1dbcb587ed7d6d8d4c9fdeb5f87bea993602228464eaf9a5Virustotal results 11.86% Quakbot
2023-05-17Rxfjps.jsjs f6367e6003455bd5ec09ff23726731029805bd0357bc8cd5184dfe270962601cVirustotal results 32.08% Quakbot
2023-05-17Slmro.jsjs c2b44422f7f4e7dc1cd2abeab300413b55a00cd9d34fda7542a467dd852bafb4Virustotal results 27.59% Quakbot
2023-05-17Zorpe.jsjs b89d6433da85e8b53b60dd8f31aa096c923d9b4fb337c03d3b381482ef280974n/a Quakbot
2023-05-17Hyovthu.jsjs 6346f32ba9c1ebf2f5baab73d50b7841676a4b6653fdb11b3d827cf443ddc8dfn/a Quakbot
2023-05-17Hycnl.jsjs de99673e9360b98fd457f450601c4c616ed20699d05473d9945d732bd5af1704n/a 
2023-05-17Lnnvwl.jsjs 3d3ade7dca432e909728672d67c4b582044f082efdb7ed388fd22da790c5566an/a Quakbot
2023-05-17Ytsly.jsjs 40409e6222e46de836b0297d66251e59d253ba5ef12577e44f4807904401aa3en/a Quakbot
2023-05-17Wbuhtr.jsjs 5d54f9f700c4b27aeaa224c7d8cd733764d81fc5087522e749b007e592668ffen/a 
2023-05-17Tprp.jsjs 4093be9bd36e0ef176ffd1bcc27e695a475240f294ad54adf63f73821421dafcn/a Quakbot
2023-05-17Bejynm.jsjs 899861f93b15a75e1234b7b800eb79355c9349a5f43968c28dc1d33d2713ba66n/a Quakbot
2023-05-17Czfwqtms.jsjs 9ab7155fd9d85e411ba41ce11a5c39efd919ab0779f76b31abfb13a751152179n/a 
2023-05-16Jpwwy.jsjs 5431ea78e388ee38abac28e88b5cc4d972320fe1e607adb48878a3af7a1dc0d5n/a Quakbot