URLhaus Database

You are currently viewing the URLhaus database entry for http://gestionycobranzas.com/2/task.js which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3609409
URL: http://gestionycobranzas.com/2/task.js
URL Status:flame Online (spreading malware for 9 months, 8 days, 2 hours, 10 minutes)
Host: gestionycobranzas.com
Date added:2025-08-22 19:56:10 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Botnet C&C domain
SURBL :Blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: Riordz
Abuse complaint sent (?): Yes (2025-11-20 14:50:15 UTC to abuse{at}amazonaws[dot]com)
Tags:opendir RemcosRAT link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-05-27task.jsunknown 067beb9d7703d7dd66b960d946745e77006236931bf75e43bc3d2d157374109en/a 
2026-05-26task.jsunknown 5208a7566c915ad491d5aba908ffc98c37a5dd1558d60c694d4061793f8affedn/a 
2026-05-22task.jsunknown 7b2b1e7a1ae484a23869c289ed8fe4082d8924b54efc97a27c73b76a51689880n/a 
2026-05-19task.jsunknown 3c8af6dd35984f319eabc9237ba5d729aaf68ce86d8917f2302258096729b2c6n/a 
2026-05-13task.jsunknown 1eda3589ec3fd471459c490d1a12d5108adbb4a0ae3c1adc1164d7b8669d7276n/a 
2026-05-12task.jsunknown 7048a3e81dbc53e3afab91dceb3379ab03adfdaf4c0c8ff0534cd2f1f824a0d0n/a 
2026-05-11task.jsunknown de5843a336930b53f23254277d54c4eeee609d59dd4eee8a2826b11c1034a60dn/a 
2026-05-08task.jsjs 47ecd46c91d74a8d6467c7e4d6a038e9d5f959007b341e089c97589f31b25970n/a
2026-01-26task.jsjs 0c7e13ddbeaa7e1ff1433439e632054b3061fecdf6d2437dc32a2dec2782923en/a RemcosRAT
2026-01-22task.jsjs ffc93f07c85d1fd0745093caac3b51f0d1df959aa4f483230ace089872129842n/a RemcosRAT
2025-11-13task.jsjs 0fea82f8fc3080d40ec9fd86a161f5011cd2f3efad982495866fa06d3299368aVirustotal results 1.61% 
2025-09-04task.jsjs 6d401c709dd2a40e41f124164168f994dc9996a68025bda2df2f224ccab1908aVirustotal results 0.00%
2025-08-28task.jsunknown 60ade6262db0b1603755ece3ef0a64c35c8f5ef6df46ff42da5c0fd72cc08a37n/a 
2025-08-27task.jsjs b87150092f1670db17050a71ba068b4515d42b104cafae4be5d76a7934674d0en/a RemcosRAT
2025-08-27task.jsjs cfa5264d2592a1fe11fed0d39d463cd1303eb428506125cb6c180a0e4c20caf0n/aRemcosRAT
2025-08-26task.jsjs 0f18a22d54319e113ae30f9f3bd14fdd3c243924e8b8143692952cce72ecf09fn/aRemcosRAT
2025-08-25task.jsjs 87fcbd1f67359062e18c02f3a27bc8e192cf771819fd929cc8a96d884cf35f5fn/aRemcosRAT
2025-08-25task.jsjs 7fe73890d1d759d4787546b61a296d3ad97d72ce95e5cc60f4c67fc68b371ed4n/aRemcosRAT
2025-08-23task.jsjs b637ac96e93426857c85f0c7e98ed3b07b8ea8a7444534292137c6e2a632a7adn/a 
2025-08-22task.jsjs b5db53c35044419ae5c13ecbb481b063a418cb08623e34cd877c318fc10134dfn/a