URLhaus Database

You are currently viewing the URLhaus database entry for https://pfixs.com/vse/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635053
URL: https://pfixs.com/vse/?1
URL Status:Offline
Host: pfixs.com
Date added:2023-05-16 21:59:10 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU100116913 created on 2023-05-16 22:01:03 UTC)
Takedown time:1 day, 23 hours, 20 minutes Poor (down since 2023-05-18 21:21:53 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Mqepro.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Cxoga.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Qyudfkk.jsjs b694774da114f8ab723e2beb4250860942db5e017fd8f65b98c921666951b7b0n/a 
2023-05-18Yxmno.jsjs f0ba5660e9ba7e62c93207a7b6fd775ee56ae1fa8dfc2ece0f169a6e96076681Virustotal results 25.42% Quakbot
2023-05-18Ybbtbfv.jsjs 8e028afe5e530bff241456519d98c4afe35e4e8432ca6929cb4a327144ecb765Virustotal results 28.81% Quakbot
2023-05-18Zlknmqg.jsjs 7f2be16fe7cc7d8502ae20c7169578e1f795f15ed0f88cbe7c8a98ab4585d012Virustotal results 25.42% Quakbot
2023-05-18Zqfk.jsjs 09d00cc1758af4e79c7a38e65ba9555ccb18dcc1f628a22c1d9bd5a337b03d88n/a Quakbot
2023-05-18Rqghte.jsjs 53d2ace5dfd9b4384bcefcc9b7e2c0b6701053df124573ad3dc1044ca98e8398Virustotal results 32.20% Quakbot
2023-05-18Oknuxh.jsjs 9be436ae8d8612af572358c0394b27e9c751e6f50b2597c2b7ae636e99088255Virustotal results 28.81% 
2023-05-18Faepyusj.jsjs 1eaeb0800e5cf78a2590fb2ea6859c5f0bb66ad09354a079964ab9c7e6381781Virustotal results 32.20% Quakbot
2023-05-18Abghb.jsjs 494e69eca209ceb575b3ad74ff164605bc99c57a7621108280f95412b64e0becn/a Quakbot
2023-05-17Vlpbwt.jsjs af020f4121ed33dba057c101c7d8fb714a2c96c883601c63acf7dc505818a5a6Virustotal results 27.12% Quakbot
2023-05-17Kmkqgge.jsjs 946d5e2c822a804863dd95b51f9cf5738b216cacbfd4e739d28af66952e4821cn/a Quakbot
2023-05-17Sbfwzek.jsjs b93e7c1a5d378e99de142cb47319276288120a8138977edf98875c43822f6d86Virustotal results 31.03% Quakbot
2023-05-17Kblfzktu.jsjs 97961abc6b3628852a890d9f074e8095b28bd2f9f186169b33981286e6f0529cn/a Quakbot
2023-05-17Qrvfr.jsjs 5382511d86a2d24fb5f8fcb921bbfd21b64b9c071494bcfd096e738c2464ebdfn/a Quakbot
2023-05-17Wetg.jsjs 5089e9979f6a45bba9ac940e1e725185230875623b2242cad8dfcf968141f073n/a Quakbot
2023-05-17Uypfgtoo.jsjs 5e1581b1da5a05a5baee064cf15334c7199e5808fcb9b16decf62e6cb66940c5n/a Quakbot
2023-05-17Fkizx.jsjs e6dc50b0a368bbba540ade31116711dc18b2912ddb085eb6ebc69c0cf3f20e92n/a Quakbot
2023-05-17Btpgn.jsjs 61b28638aa963a723ef75241ce028a3cd7ebb3e65debdf9fc78c4d28855867c7n/a 
2023-05-17Gchrpmpk.jsjs ddc309a5adf420e2939fc5188c4c818b313d938689cdce3d13f92c01254ab4e4n/a Quakbot
2023-05-17Xjihnx.jsjs cd3644f72f06fc4277b551edad175c4f07403e9ff7e9640291d1c56422ffa8b0n/a 
2023-05-17Wlrby.jsjs d907f6bddd33951ce3fc942149261a00474e007fc35ed3f436eabadb53dbcef0n/a Quakbot
2023-05-17Gfazny.jsjs e9fc293d3f0b99565ffe0a480a010e7629a725b7100ce7246f737a217580f3d0n/a Quakbot
2023-05-17Tzzgsp.jsjs 611e75e0f34de66fdc92275a988262fc77439f671e2f5a983a4cf624d9a99d90n/a Quakbot
2023-05-16Bfba.jsjs 7691554a4216282aa82590d744937bc6d07272669183b8a17a688fb035875f49n/a Quakbot