URLhaus Database

You are currently viewing the URLhaus database entry for https://livingwatersinvestments.com/aiam/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633902
URL: https://livingwatersinvestments.com/aiam/?1
URL Status:Offline
Host: livingwatersinvestments.com
Date added:2023-05-16 13:14:24 UTC
Last online:2023-05-18 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:16:10 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 9 hours, 30 minutes Poor (down since 2023-05-18 22:46:56 UTC)
Tags:BB28 geofenced GuLoader link js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Xaanyd.jsjs 51ffefa8a10b6da720a80cec4735fe173669e7c974946e46c8dda908e824d8a4Virustotal results 22.03%
2023-05-18Wzrli.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Wxjj.jsjs 9b53168cab07922f9b504b1d175d9766a65fb7a77adb7e1c0a8fac8c276cd9den/a 
2023-05-18Xkefjdvu.jsjs f11d7ad43d7a6c6cc716d06a9d41c96156d6ce0dc45d6add8d3039cae526e350Virustotal results 25.86% 
2023-05-18Vlyos.jsjs 0c002b88627f5df1e7415950b066ddc51bf3e0f4f3ef5a2b01a266b2c4282ee1n/a 
2023-05-18Sqlvjer.jsjs dff43d93176f7f0b50d2b960680eb78be307c219d3a2f9b42d969390818a467fn/a GuLoader
2023-05-18Bwcqumlq.jsjs 973858251132d0779245a2e9dd301914a73702dadb9512759bce343a0fa1cb23n/a Quakbot
2023-05-18Rtssziw.jsjs 9dc74a47b57fcd85200f975b411792401c29e5d1ac2806f4efca47c4fbc00eben/a Quakbot
2023-05-18Tbzzjy.jsjs f7141b5e0f8768e0c1d39b6da886c311b1ba7a4a1db8d4efe2c936270bc2f0c8Virustotal results 27.12% 
2023-05-18Hspxl.jsjs 3b413252866f0b4261ccf3b4972d86690f29353242c85733133be84940ad6fa3n/a 
2023-05-18Hosgv.jsjs c3e99de4200fa77aa025ca9c3691f352cd668d0a77b4f467305f66cb4f933618Virustotal results 16.95% Quakbot
2023-05-17Rezzyiq.jsjs f9a03e213a2bf36d23d4a6877af8261834b3049ed458410c5e8b4c6da00e2383Virustotal results 27.12% Quakbot
2023-05-17Siwbdv.jsjs 69d10bf1c18cc7df540de106a1056c5af79f8b60f1ffae762d06532cc84375d8n/a Quakbot
2023-05-17Jnok.jsjs b4a90889250c70642150c7b822ece35979290cb3664a5f778ccb8195b4c440ecVirustotal results 25.42% Quakbot
2023-05-17Mjfrvf.jsjs d50736e0dc6f86a7295550e45d34bcb51be1915a810402b50f05881002c45135Virustotal results 22.81% 
2023-05-17Wjhbscfs.jsjs c5b4c29787160ccb71f79ff6637aeac99008ef606c71a4b14629e1281f03f74aVirustotal results 22.22% 
2023-05-17Kbnrjcbd.jsjs b726185bac5c9502b0014a711f793d0559b2d0afcaf5cc376d063cb315412020Virustotal results 30.51% Quakbot
2023-05-17Wnuqgos.jsjs e21d7ce5a24617b4a823482fea8b703cee1f434028f5ee807b3d77bcb4197988n/a Quakbot
2023-05-17Ylviz.jsjs c1064ed6356f294c6981938454ee3a3712e5e63930c1554a3c1602eacbd6554dn/a 
2023-05-17Jdzw.jsjs 93af25c2bb84dbbc62530b5748e2f3991c97a4ec3b33290a56e7457210cb7a37n/a 
2023-05-17Xogfincx.jsjs 6172c01a006d5cc724269e018a69732ebe40056f6975bf5cf71abfb4345b8bccn/a Quakbot
2023-05-17Zfveqkmp.jsjs bcb6a37bb954ab7f9b30c21476949c023b39ea65812bc2a160f0f522d57c3f64n/a Quakbot
2023-05-17Eloikqvd.jsjs 0204987c7b898357ad31c247590aad172a2cf5572b3326b44d9ac56ecf527c3an/a Quakbot
2023-05-17Raalggj.jsjs b18a0794892c7db8ed12a79ea1f625d7565ddec1bf1aac34b764014562b3d814n/a Quakbot
2023-05-17Vfseppts.jsjs 9dd88528754400f74d4791136423b4fa4692fdb96c55d5e55720ce89696b5c74n/a Quakbot
2023-05-16Zgywyj.jsjs 0548b85b4014a2072109c678ee978af7f7e809e076f5f7572e42d7e6706abc52n/a 
2023-05-16Zneeur.jsjs bcc511874a76993eb20e795e618bc68db0e28a81e0fb1601c060f8ea21671b8bn/a 
2023-05-16Gnlqjstf.jsjs 922c9e56e238d3e3f7bd4705d85db8c38262767f98a6c74dff0f5441838a2b79n/a Quakbot
2023-05-16Rfvloir.jsjs fbf89199c5ccc788b76742572e9ff06b2090c20cc7902c0754d0c2f8c892fb4fn/a 
2023-05-16Mhgsidb.jsjs bfbc144bed831e3f65d7e1ae3f55e1c91ca9d726eddb5d3ad4b88e35cb83af7bn/a Quakbot
2023-05-16Hvxtdq.jsjs 3ba23753b8bce855cd387a8732f452ec142ca84ed3c79b483737ac9701760f37n/a Quakbot
2023-05-16Whwltzo.jsjs a503efd57d1a320d5dd06ddac9220ea88b9ae35b967920d9e5205165a3614991n/a Quakbot
2023-05-16Fxzitipf.jsjs 7691ece71c3084de5b0a9da3fe76d9b0de510ec56a76bf56b5bb29541ce97e15n/a Quakbot