URLhaus Database

You are currently viewing the URLhaus database entry for https://thenasd.com/ntus/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635149
URL: https://thenasd.com/ntus/?1
URL Status:Offline
Host: thenasd.com
Date added:2023-05-16 22:01:13 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:03:20 UTC to abuse{at}hostgator[dot]com)
Takedown time:2 days, 0 hours, 31 minutes Poor (down since 2023-05-18 22:35:05 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Zyzuxs.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Rqsj.jsjs c74cf0cb7927a8438a84c9cedbdbab3e4815550813336043f39674a67b6a021aVirustotal results 28.07% 
2023-05-18Crnrud.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Ueawxtj.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Idsyvmqc.jsjs 2f7d5f38507698a804762aa8af629ea8acd0b2ec7611e31a6513eb50842cbffen/a 
2023-05-18Kglawsq.jsjs fcd00b353c980d48983a4a2533eb482d632935a343b2034ea119d3a4a74f3841Virustotal results 27.12% Quakbot
2023-05-18Czfpjw.jsjs 90fa0f56e8df4147606c0590d9bf8794253f48339dcf3295c0bd6d7b2dd0664an/a Quakbot
2023-05-18Rpgyl.jsjs 92541d594f60bdb46e24073e3720e0deb32a8bb5a4409a44b650b790dbeda309n/a Quakbot
2023-05-18Fdpy.jsjs 3833419abb83fe2369255a23b3fa983e65047ca005c0dee0d772efbdbf8ee75fn/a Quakbot
2023-05-18Xttzivzr.jsjs 759b7245c8f5cd0c5db7853442c740696c4a66caf8aae6a281b32f063f6c660an/a Quakbot
2023-05-18Ltdfxjeq.jsjs 8110c40ddb65d964d81ab30f4c4f9bdce11b8956b986d647f4b81c4c0652f5a3Virustotal results 31.58% Quakbot
2023-05-18Oyuszrj.jsjs c97e0d75191c3cd583de9edf9cef56be0b4b4bb3e072a64e3fd6133eef6ea96dVirustotal results 25.86% Quakbot
2023-05-18Nkxy.jsjs 1d6e41a96832fff256d4c07d7cdb318a251230e1445351f5ad36b87ce958bf1dVirustotal results 25.42% Quakbot
2023-05-17Fwduancf.jsjs 77c78781fbf40291d31c545dd06a094505a49bd415cbeed6b922cafc6af07586n/a Quakbot
2023-05-17Ncxdpuq.jsjs 568dbf92f0bf53b20857f863e58e7f82287fe96c9dc066c782f5f82c64287a75Virustotal results 25.00% GuLoader
2023-05-17Eiji.jsjs 0f84fb63f382f7d5fa07382924a980e68a9af465c630f026b8dbfeb5a804c7ffVirustotal results 29.82% Quakbot
2023-05-17Txrbpdg.jsjs bc08bfae3a441cb9485634aeda5f5ae4cbbe5e36cd98ce7b2812cd62ed4e5034Virustotal results 25.42% 
2023-05-17Qzkr.jsjs 17dcb0baeee21444da6b254c7dcd1d98989c6a0c089b8d79530a2c2a83dc34d3n/a 
2023-05-17Yozqriqj.jsjs fd32fe1312ed075ac00d30123df24382ead0744d83a1a8787e5f0303d68f70can/a Quakbot
2023-05-17Ctofer.jsjs 0b3324b249fb9e33cb3970056ed6166b271c1f678d65d34cdff6079bbd95f2c5n/a Quakbot
2023-05-17Yvsjab.jsjs 320db1d64ed5a7a4ed401ebf9861a9776e220be46c59f4113bebf562f9e506f3n/a 
2023-05-17Nmxljbuy.jsjs 18d3e95b80fa9871085f837b13269525e7c1a0adfd2cc7b8756575cd5c96ecb3n/a Quakbot
2023-05-17Jpsbhi.jsjs bfa623376fd0656b215b67d59bdf64ad0c44a78e8502fd93563a7f834e57518cn/a Quakbot
2023-05-17Ynfyb.jsjs 67c06a4dfb905f40777ecca639cd84c62abba8f2e33f5596ae59d95a6a2c97b2n/a Quakbot
2023-05-17Nzffh.jsjs acaf54b9c28216f8207be4b287029fe9c21ab0e4bbb823623f10798e23297aden/a Quakbot
2023-05-17Knwflxde.jsjs 32c5598d69faa278dedd1f9fca96a2d0c1ece535d432457b4efbb1e9fff83421n/a 
2023-05-16Wabzl.jsjs c92ce007fde69105a2c18cb13eb89bba107e1e90ce5870c27dad84545c498ebfn/a Quakbot
2023-05-16Kdpwum.jsjs 6acd94c6663961b70aff1c9fd07f32830200e6e84a9f90c203cceb409c199f13n/a Quakbot