URLhaus Database

You are currently viewing the URLhaus database entry for https://skymedsshop.com/osar/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2635111
URL: https://skymedsshop.com/osar/?1
URL Status: Offline
Host: skymedsshop.com
Date added: 2023-05-16 22:00:20 UTC
Last online: 2023-05-18 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 22:02:08 UTC to abuse{at}offshoreracks[dot]com)
Takedown time: 1 day, 23 hours, 34 minutes (Poor; down since 2023-05-18 21:36:08 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
