URLhaus Database

You are currently viewing the URLhaus database entry for https://youthsolidarityfoundation.org/nci/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2635166
URL: https://youthsolidarityfoundation.org/nci/?1
URL Status:Offline
Host: youthsolidarityfoundation.org
Date added:2023-05-16 22:02:06 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 22:03:38 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:1 day, 23 hours, 22 minutes Poor (down since 2023-05-18 21:25:45 UTC)
Tags:BB28 geofenced js Qakbot link qbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Jxwxhyn.jsjs 76443e093ed6d6e3961cb5f9bbd546bab2d05f6bc2536c5744dc86f7a769bea8Virustotal results 30.51% 
2023-05-18Mhuzkb.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Hlyqmd.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Rigadw.jsjs 256ae1df16faa16efd0ae7ee39b034e310f3a38b679d03369b7bb65caa366cd4n/a 
2023-05-18Jwzgl.jsjs 8ef706183443d30910cb1d411aa36e657e86119ff849b6a9edef4125b752bb92Virustotal results 28.07% Quakbot
2023-05-18Nwat.jsjs be782f3af4554ce0188bf903632e461191f0020d22f70c2760c1f9d32b21bfban/a 
2023-05-18Xzvpxz.jsjs 9ed630b44354fa9a5b12648e092b487dbecee08d6aad53bf5d2695dbea9b9cc6Virustotal results 32.20% Quakbot
2023-05-18Yslyyv.jsjs 586fe07a69bfe8b72088da7156e3feb75ac24d66ef99584f203b73fe30f08076Virustotal results 28.07% Quakbot
2023-05-18Yyzgiu.jsjs 7001d12f0aff0c6712230ed17f0fa70b2b0f2f7f58554663f28e687b643386efVirustotal results 24.14% Quakbot
2023-05-18Gzfpdx.jsjs a0c936769d05f511e808dc9d178d44c1b60779ae7ad0e7424e520b2e75ce335cn/a Quakbot
2023-05-18Amzxhmwg.jsjs e6473de8eb0f10d14a04ffbd68eec65c5efe6755a2bca86fa2fce1a0f317a9c3n/a Quakbot
2023-05-18Wnvhbhs.jsjs 404e30334a58830297758dd73f2fee67f6ed0ea8c6d7fa501d7eb809925d82fcVirustotal results 32.20% Quakbot
2023-05-18Xbuw.jsjs 94482ada3a27f9e8cf8f7b554597969eef03e0593d496ba95205fdf735ed010an/a Quakbot
2023-05-17Negcczyp.jsjs 20bd75aa446aa0b87c0d7042cd6119cf26dee2dedc5fe401477ada73a6c84e1eVirustotal results 22.81% Quakbot
2023-05-17Qfmh.jsjs 7f2be16fe7cc7d8502ae20c7169578e1f795f15ed0f88cbe7c8a98ab4585d012Virustotal results 25.42% Quakbot
2023-05-17Bsnldpb.jsjs db756aef0c52e6f31a7cb628eefe67b0cc7d656427dd2d71c87ecce62165b562Virustotal results 22.03% Quakbot
2023-05-17Qoonuxnx.jsjs 0692b014bee9b6b1a01cd4fcf3293e88388f98fb01460d6ffd2b3415d5de9779n/a Quakbot
2023-05-17Esfmhofi.jsjs 287c569bf794a7ec47dcd5f308d39f138b6b4b964ad50c335991038cafd9d476Virustotal results 31.03% Quakbot
2023-05-17Hugxnfi.jsjs 93bba231e08381a78fea4f6623a38ef11130273ca9bad59f5132b68797d90d23n/a Quakbot
2023-05-17Jpgmq.jsjs abc1d3a3c48d69672844d031d813b047f736bd53f53a3474fee04ae41f235cd5n/a 
2023-05-17Gbtp.jsjs ae2664829639390f8e099d45b71007bd5ff7ceb6f0c5a0c7ec051ff5d9bb566fn/a Quakbot
2023-05-17Zxcrkr.jsjs 58520b7cf018f10d1c573697aa452424d60e4a4885cdd544e02336700f0437b3n/a 
2023-05-17Uefb.jsjs 054a8849a627217ca630cf8ea60cf3c80b874abef9e4807173a788c0ce90c287n/a Quakbot
2023-05-17Oygmh.jsjs 5f213e41fd11b8d2d0212adf4b98f4eb5ced49d0d2d005a51887b7f68465a109n/a Quakbot
2023-05-17Savbzqb.jsjs 6f8381b446f8b2e63e44c933eaec8579524727439b2e33bc8b804b9eb0caf351n/a Quakbot
2023-05-17Rmmjenor.jsjs 59ee050e3ceb67c5d317fd5e72008ccb924a00bc04a58afdf5e411ade1a630ffn/a Quakbot
2023-05-17Ewtwxrf.jsjs 87e23f34927a00b1e936c0e4ce304738970b529362195b31f24ac7798a1298c5n/a 
2023-05-16Puvgxth.jsjs f532c2bc6b7087d764e66570e0a3f0a87a8011c9193131c1674bbbce69a71ef2n/a Quakbot