URLhaus Database

You are currently viewing the URLhaus database entry for https://jojoexports.com/nesr/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2647641
URL:	https://jojoexports.com/nesr/
URL Status:	Offline
Host:	jojoexports.com
Date added:	2023-05-31 13:31:12 UTC
Last online:	2023-06-02 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU100125588 created on 2023-05-31 13:32:16 UTC)
Takedown time:	2 days, 8 hours, 14 minutes (down since 2023-06-02 21:47:10 UTC)
Tags:	BB30 geofenced js Qakbot Quakbot USA zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-02	document_C706_Jun_2.zip	zip	261d04203b0b108aecc16ee70961d5559c4e4fc5080be7648c023497388c95e0	19.67%
2023-06-02	document_C642_Jun_2.zip	zip	b4226389ccc9bc5772783d8949b0b05b47dede270feb956d7a84f326b585d47a	20.97%
2023-06-02	document_B768_Jun_2.zip	zip	86b82c1586b14f7929252ad2229bce46e2109ae7368d6eb742d68fc680778187	n/a
2023-06-02	document_B426_Jun_2.zip	zip	dd500ee69cd82dd998a4f95c17e23d322fd83fa14e3b5753260c397f07cc42d1	n/a
2023-06-02	document_F376_Jun_2.zip	zip	6bcd42996e055004f03a0548311ae37b786abc5d937199d70cb8b66678f444a5	n/a
2023-06-02	document_F823_Jun_2.zip	zip	5767f5ef99e6d978f841da135d6e3f8c561475b7590d61a71f75c9b38cfb93b5	n/a	Quakbot
2023-06-02	document_D135_Jun_2.zip	zip	ba5c82e778c008138687d82f2b9dca5541e1818623481ca77da4963b9c3b5c6e	n/a	Quakbot
2023-06-02	document_D097_Jun_2.zip	zip	397ad85f2e3e08c1929b1a51f4b847af8750a9e6978b7e8d2bd9d57bf1817873	n/a	Quakbot
2023-06-02	document_A102_Jun_1.zip	zip	5841556b82b875b484166a9ade86305ad5cce7d096ffe9b5f8e42da5548a8c62	20.97%	Quakbot
2023-06-02	document_E149_Jun_1.zip	zip	6af12d2ce533dff3297ae1061a495b44edc3b6e88e236480ee7578cb6740a71d	19.67%	Quakbot
2023-06-02	document_B682_Jun_1.zip	zip	5138e00507833b4750937a941cdd7782b07d7ec786ef949f78b2654345c6b253	21.31%	Quakbot
2023-06-02	document_C016_Jun_1.zip	zip	5f3df328dc4ec9a004fc592bb70abaf753329e3875ac7088c234aaa83d279bb4	20.97%	Quakbot
2023-06-02	document_D430_Jun_1.zip	zip	b76b6f296436f22e86fd41c95da79b3790a33738b73350defdebc539d078c85e	20.97%	Quakbot
2023-06-02	document_A521_Jun_1.zip	zip	b198ec5762c2afb1fed91da2f8506f0560883d840d4e634a18705b2e71e80d55	20.97%	Quakbot
2023-06-02	document_A153_Jun_1.zip	zip	01910020d4ba7c06bba8dda60650db09e9b9b35efe39d29c1eddefce249d0a79	n/a	Quakbot
2023-06-01	document_A627_Jun_1.zip	zip	a0951485c1aa30f5898c0f0d782b31141ce2d8b9ec1e49ae57de9ab3a0ad8ef3	20.97%	Quakbot
2023-06-01	document_A483_Jun_1.zip	zip	2a558ab2720c220fa3e98d5dfe48905939af5898950ba75fa5782fb407cbc5a8	21.67%	Quakbot
2023-06-01	document_A935_Jun_1.zip	zip	c537c8d0e4f54db46a29a9450aecb4f6de400af1a5331ad7ee24f789c5bcb2ec	20.97%	Quakbot
2023-06-01	document_A304_Jun_1.zip	zip	3a767cc177b9971becc6ed7ddff718f7ae74ce2a946041649d3ed8444861e04b	n/a	Quakbot
2023-06-01	document_C841_Jun_1.zip	zip	995181d957d9f34c5d2c0b166ab8cb0dffcc0d192414cde2360551a06f8e0f0d	19.67%	Quakbot
2023-06-01	document_A839_Jun_1.zip	zip	bc2a94521ccb6d5027ed76edf7e9edd27fe99b2600d69a9caf9b160a238e1a09	n/a
2023-06-01	document_F024_Jun_1.zip	zip	cc103ee2e842414742fc24a5545d553d962f01e87032f3286bb0ddc197f9d9bb	23.33%	Quakbot
2023-06-01	document_E245_Jun_1.zip	zip	df54dd57a38d438bb50b657ac472a75e611344ed34c1af8d0f0fdad7cb40ce46	n/a	Quakbot
2023-06-01	doc_C045_May_31.zip	zip	66ec53e9bd45e1e4b9fca5b00715dc6e681aa074ed2727e96d7863c7ce889354	16.39%	Quakbot
2023-06-01	doc_F810_May_31.zip	zip	78a8fcd58530ef40ec58201fdac2bcdbba08fde31d4b858ef977fc802688de0f	19.35%	Quakbot
2023-06-01	doc_F627_May_31.zip	zip	598b197b912b177329155a0504680695ca6f945564f25548ab06a257342a162b	19.35%	Quakbot
2023-06-01	doc_F036_May_31.zip	zip	ed7cef427d4aa349037a0db40318720096c721e858073acc5607524cd637615d	19.35%	Quakbot
2023-06-01	doc_E890_May_31.zip	zip	3bf48d7f94da4e1551a29bbf33261f32e01b98cb867cdcbfb205e160db285050	19.35%	Quakbot
2023-06-01	doc_A546_May_31.zip	zip	d96e218870df535028886fa421421c8ee7e6c13744537cfe0e7254973bd45a41	20.97%	Quakbot
2023-05-31	doc_D735_May_31.zip	zip	b24eb3ddb60403c386ba35f598fc571430c797f4f49b79cdeef6d0697737472b	19.35%	Quakbot
2023-05-31	doc_B091_May_31.zip	zip	ad85484e48fbc0afaf7b6ea427e026fd434a7fe9298a42c031a5b456d6fff8a2	24.19%	Quakbot
2023-05-31	doc_C539_May_31.zip	zip	60f923f23b39baf43fd01003e09434b65833db60095741a2013e884fca21108e	19.35%	Quakbot
2023-05-31	doc_C938_May_31.zip	zip	aaef9093275ac410f4faa5d1d108c2dd9bb66682f4aa6e83350cef442864973c	n/a	Quakbot
2023-05-31	doc_D710_May_31.zip	zip	460e6ef1df55c04c734da6a2b77884fa517413b162d3af56df341367154f7507	n/a
2023-05-31	doc_C079_May_31.zip	zip	fad1a4ce441a60a9ef45fe7eb6b9b2b59599789dc5a35684eab299ec7f2ab024	n/a	Quakbot