URLhaus Database

You are currently viewing the URLhaus database entry for https://mercyiwof.org/ai/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633561
URL: https://mercyiwof.org/ai/?1
URL Status:Offline
Host: mercyiwof.org
Date added:2023-05-16 11:25:17 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-17 17:40:11 UTC to abuse{at}cloudflare[dot]com)
Takedown time:2 days, 10 hours, 10 minutes Poor (down since 2023-05-18 21:36:53 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Twoi.jsjs d7522ab4f64ae0950e24bb00df9157136bbcb900ace0c77bd1a46f06149bf37aVirustotal results 23.73% 
2023-05-18Jvzwqkl.jsjs 6016f12710a18923ed029eb1dc62882b5f1a032a7424e0169dd8c2228598f59dVirustotal results 27.12% 
2023-05-18Mxdzm.jsjs 1a2e818afb29521c8658d2a0643158af97370d69c32c0bd85cb900bd3e85b0eeVirustotal results 22.03% 
2023-05-18Mpmoutgp.jsjs bbcdb87a842c5157acea98f0cedd358f764e2613b6a635e4f9f5946de8c07780Virustotal results 13.56% 
2023-05-18Vvws.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fn/a 
2023-05-18Ujju.jsjs f33a199b902aff95c3dede5cbfe632298042593120c23bc925987f2dcdcfce53n/a Quakbot
2023-05-18Rslzrn.jsjs 7f1024ee7a57ad586eb6a36dbb25ba4f7e78cbd55b3c87d5209716b7628bc53cVirustotal results 28.81% Quakbot
2023-05-18Mxxoioce.jsjs 257dab59e71c1109ffbf0b4ee1568df9566b886ee56301a089577a0fbec29fe4Virustotal results 13.56% 
2023-05-18Cqmj.jsjs bb118ed7175733d7b31163818a3948e5e35d0e3ab3627a549e93cf6afa196585Virustotal results 29.31% 
2023-05-18Ympnok.jsjs 71122ff461bd77e00f131eb7f52d813ed7a1fdb3262bba2adb83ee04085152f9Virustotal results 34.48% 
2023-05-18Marct.jsjs 55de6657c16f6c71d27bc0cb38580d689241943b653c659ae89fd4b63fdc279dn/a Quakbot
2023-05-18Evvvgwpj.jsjs 5848de38e1e0698b0e24ebe9bf6c45ef062f0f7d7dd7444e4a32d6731d5802aeVirustotal results 33.90% Quakbot
2023-05-18Xjsy.jsjs 882f433be14420954cf276d10abb6b832e89ab1dc301d2d047538fab217afdabn/a Quakbot
2023-05-18Tuvz.jsjs c97e0d75191c3cd583de9edf9cef56be0b4b4bb3e072a64e3fd6133eef6ea96dVirustotal results 25.86% Quakbot
2023-05-17Dcapgum.jsjs 9459a0cb6bc3dff0f7972ac6852fb2f11dace3df33eded8be946a0ca5f1160d7n/a Quakbot
2023-05-17Ccfolyx.jsjs c6712a15900f7986ac9ad350dec34f50284b50e708bdeb42e320d99659f8d46fn/a Quakbot
2023-05-17Xltmic.jsjs 0204463c040334db593942c0e48063d6f6df33cbfba1fdbf8bfe51aa0bf83372Virustotal results 27.59% Quakbot
2023-05-17Qitc.jsjs 812cc57a966264823ac9c3e7a2ec885f1ade0a4a304ac4ef12554bbf9328338aVirustotal results 25.42% Quakbot
2023-05-17Mspybb.jsjs 1c527faebea66510912a82a4ece923294f74fa2947ce89b48b9b341ade828e1en/a Quakbot
2023-05-17Qnfj.jsjs ace729a8273c30f923532f7f1a8c2d214aeb49b0c3109d8eff64612384b29140n/a Quakbot
2023-05-17Inudghx.jsjs 78a09834bde88bcf04dd934a793540b810b090e90efb96a977c2477be294fc75n/a Quakbot
2023-05-17Lprj.jsjs b9837537d26bc58d903cc90fd3a9929a83f84565eebbb32bd91de9eb8d226538n/a 
2023-05-17Bekxd.jsjs 31413a96164a823d226a1dd7e10ddd3650b2303f610ff255b575f05b9bb2ac5dn/a Quakbot
2023-05-17Klltcq.jsjs 621636713802b353f675ca6e89c7d172abfef64b9df914e88d532493de1d2256n/a 
2023-05-17Mjinsiw.jsjs 9121d650c7c97744bee6e871773313364dae885ed4335a41f7a8348425685bb4n/a Quakbot
2023-05-17Iunjgart.jsjs f775370a309cb0a60a09647ff57cc00f7187a8e0868b5b0b64a018aa1995564dn/a Quakbot
2023-05-17Csppc.jsjs 20c0777bb3ade83c76564cc1eb7f4ffa56f2028850521ce9c749b86bea825584n/a Quakbot
2023-05-16Gqwiee.jsjs 9277bed1f6a3d7a6b25f2a51d4977b4dc15fa33854e537f5edfc319400f2d0ccn/a Quakbot
2023-05-16Jwfgsz.jsjs be28a470bd55feeb6c9f5d9cc8b1b17d4b562f20a132fee4dc42a37568cb9ce6n/a Quakbot
2023-05-16Cmdbnou.jsjs dbf24e7c7ef6d146b2b36f05a182d0e6ca644300c176ac70075d1e77d54b66c0n/a Quakbot
2023-05-16Kpgs.jsjs 85a0e9606707f345b4215264e56000bdff85ef83155570e0f0712aa2bcff1637n/a 
2023-05-16Lzgf.jsjs 4b039a40bd02eac80995cd460a6b46854468e3580eff7a65583b2313802b9de0n/a Quakbot
2023-05-16Rlxkcfa.jsjs 75a3b83db5efab6e8f5a3af87b2baaf4c7c55953afd7c024d102cb8c4d3a3599n/a Quakbot
2023-05-16Sckkq.jsjs 9ff66e4ba29ada0be2df162697b88a7afe27865833a14b2b93ba3bf0ad754852n/a Quakbot
2023-05-16Wbtqhpm.jsjs b5e8f98e6482e9f63919fb565c3b6f886f213797ab9be20efc954632ec86aa20n/a Quakbot