URLhaus Database

You are currently viewing the URLhaus database entry for https://yarrowenterprise.com/lo/?1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2635177
URL: https://yarrowenterprise.com/lo/?1
URL Status: Offline
Host: yarrowenterprise.com
Date added: 2023-05-16 22:02:09 UTC
Last online: 2023-05-18 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-05-16 22:03:47 UTC to abuse{at}godaddy[dot]com)
Takedown time: 2 days, 0 hours, 34 minutes (rated Poor; down since 2023-05-18 22:38:20 UTC)
Tags: BB28, geofenced, js, Qakbot, qbot, Quakbot, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
