URLhaus Database

You are currently viewing the URLhaus database entry for https://pureairvents.com/tsms/?1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2633918
URL: https://pureairvents.com/tsms/?1
URL Status:Offline
Host: pureairvents.com
Date added:2023-05-16 13:14:29 UTC
Last online:2023-05-18 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-16 13:16:25 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 7 hours, 44 minutes Poor (down since 2023-05-18 21:00:38 UTC)
Tags:BB28 geofenced js Qakbot link Quakbot link USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-18Cbchgpuq.jsjs d3c6e06204212c1aeeef29809460056535cba3beca8cf163b7c8719671ef0c9fVirustotal results 22.03% 
2023-05-18Harpfhg.jsjs d76b1300fd995ec8def343df0450c11a58a217803fee3749db4afacebc64182eVirustotal results 22.03% 
2023-05-18Rnrgrs.jsjs 1cea0c4b1af9170b9ed2927f3b100d202bebd1b8e69ba1527336aaa6b2c0bffcVirustotal results 13.56%
2023-05-18Nwmthp.jsjs c00a5b50c54b76482312d173cb13b1343ccd73882db28c1e99c81f4144b267c8n/a 
2023-05-18Qayiuxr.jsjs 27f17e9ee4e8f78f3e02acac452da67130c961c7c0d07e9ac05fe68ed2f3c07an/a 
2023-05-18Xfdqkjic.jsjs b0be9915846a032654d7a5cdc2488d13fd892ca71f707d67ef917a7ed79bd43fn/a 
2023-05-18Gbki.jsjs 13fa98699be69d8a22ee7c59e1a9efe2f504a721757490445465dc8a1de1765en/a 
2023-05-18Baspr.jsjs 36fa7b7d4e7fc7c9366c2fa6533c47fd96cdc2d9a6f2c3a9025fc4271c5d4c18Virustotal results 24.14% Quakbot
2023-05-18Dlzjm.jsjs d7ee80c4c9f9a041e63b9e4a454dfa6c60dcb7fdd18ca658f2f92fc97f61d766Virustotal results 22.81% Quakbot
2023-05-18Zrminhe.jsjs 47838303934003e958511bf93e4b40816c144d7ddb6c99ad7cdda7145ee5dcf8Virustotal results 24.14% Quakbot
2023-05-18Ufkbed.jsjs ceb34fba0cd428a9dffee10f6b9c5857bfe8e363974adecbd1c42b994a5bb36cVirustotal results 27.12% Quakbot
2023-05-18Cnpxuad.jsjs 2936b6742f1d05f0f4625a1582b4bb5e44cf16340984eb0eaf2118709e5f7933Virustotal results 30.00% 
2023-05-18Ndwlmsxj.jsjs abae955795961dc369ba3d41196f2f4238001efcff8a2dc429ababf4821ca7f5Virustotal results 22.41%
2023-05-17Ijpiobg.jsjs 0e713770fa4e2a4f457544637a3e0172325fd23e5f1120cded0547dd2236f70dVirustotal results 15.22% Quakbot
2023-05-17Uzpyqy.jsjs d1a92330c8f58a18b81d7ff1a9ea348b205fda7b106c31a2d1e09764a4557fa0n/a Quakbot
2023-05-17Tebrhzx.jsjs de40c651da56945e6aa4f1adecf9ca842f4b2c630f3e1ad45c2c02952d4578c7n/a Quakbot
2023-05-17Nshpemsh.jsjs b11ddd3e32db780631dee2546f8eb8498cf1976976b4f9b6229279881aff3e12n/a Quakbot
2023-05-17Rzmm.jsjs dc776fb044bb27e20a16f383ecdaa44a67be283f4902ddd48f1f6cffd24d036cn/a Quakbot
2023-05-17Idxbga.jsjs ccdc371fa95a2dc8192ecf73826f489942857addced0e8ce4b9aa969aa98381en/a Quakbot
2023-05-17Lnhlvwx.jsjs 03652beb5abeb2e27fe43d5ddbecd035cbcb347a4e522a06b97f53e9c8f2c3a3n/a Quakbot
2023-05-17Pcnz.jsjs cb0831e577584283006785f01a0814bde066409ca601dc339554d7a5f57cf641n/a Quakbot
2023-05-17Rcqfzaa.jsjs a74445a5f0012b1c090201a042447749d4c8df01a288c2c2ab1f557e5bb945a7n/a Quakbot
2023-05-17Pgdbsxsg.jsjs f00d747e34af4a6f8b93915bbef401f4d5ff274200ae972602a3da617ac3e847n/a Quakbot
2023-05-17Kekjpakx.jsjs 008b7c92cd4bdebab4da47a745622e42eed22ad90208b795ebbdb323ba51fc74n/a Quakbot
2023-05-17Smro.jsjs e51a8356d40f9cdf4abeaba0ca0693929243c1317cff83b65210a3643b23bdb4n/a Quakbot
2023-05-17Rkeluu.jsjs 686f1a74c1a234ad79877421044397228b0f90ec8f3189825183d66b5399c106n/a Quakbot
2023-05-16Awwohtqx.jsjs 23a8d0cfe179b77f2cfbc5695c47cba4fa9497ec42446a3f9648342eb8aecaf9n/a Quakbot
2023-05-16Eqvhlfd.jsjs 836289526afeb4cd1f6887b8ed67f0f2ee5f64d10ae9afbdd51494784ee31d26n/a Quakbot
2023-05-16Schwid.jsjs f0a3f273b01032852ac730bb43aac896ceddf8ccd82b6c24c86c745c2dbeed15n/a Quakbot
2023-05-16Pyfblk.jsjs 996c4202f06d1366d314301ef0ca78a20b94aa9624506bd0c5a10a30d85034edn/a Quakbot
2023-05-16Lmycykf.jsjs 50565b9dbc5b57d06ab1d03ce8388b36bc561579a2be1120a69affd861f95ca4n/a Quakbot
2023-05-16Ipad.jsjs 706db40c11140f502301cdc80cba04e4238c41fe13334bfbbe680961fe8779ccn/a Quakbot
2023-05-16Pnftj.jsjs 53f4c229a06b02c9d7fb581556febb4bd817ee7e0e45d8dbcfc015efbd9022bcn/a Quakbot
2023-05-16Uzkhnkl.jsjs 5f65913afa22c4c227b2ceac9c007bb90a541b654552a046050daa5d8878d2a6n/a Quakbot