URLhaus Database

You are currently viewing the URLhaus database entry for https://proguildgg.com/ire/?1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2635046
URL: https://proguildgg.com/ire/?1
URL Status: Offline
Host: proguildgg.com
Date added: 2023-05-16 21:59:09 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 22:01:21 UTC to abuse{at}bluehost[dot]com)
Takedown time: 1 day, 23 hours, 32 minutes, rated Poor (down since 2023-05-18 21:34:04 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
