URLhaus Database

You are currently viewing the URLhaus database entry for https://yourhelper.in/lsdd/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2659374
URL:	https://yourhelper.in/lsdd/
URL Status:	Offline
Host:	yourhelper.in
Date added:	2023-06-13 17:52:22 UTC
Last online:	2023-06-15 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-06-13 17:53:21 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	1 day, 21 hours, 57 minutes (down since 2023-06-15 15:50:24 UTC)
Tags:	BB32 geofenced js Qakbot Quakbot USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-15	document_AD614_Jun_15.zip	zip	6949ce0d039c447aea5a966f667cb851554a4edfd7b95ee16adae766e9734aa2	n/a	Quakbot
2023-06-15	document_FE304_Jun_15.zip	zip	8af76db02a0363ef0e93d6d08638cad190c5632b760e8f82e4ba18030a4a9f38	n/a	Quakbot
2023-06-15	iMfUAsnzoPWj6.js	js	6258cc5d5bab543bc0a284598ae34ef2da0e05873736d65962f1f80c4c1a02e7	n/a	Quakbot
2023-06-15	VS869DnWPvZjOx.js	js	750e966311be69d1445c01cc0c7c1cf4ab2428b0683f4f9d3bed89ea35c5391c	15.25%	Quakbot
2023-06-15	LbY2KBi3SEQmOw.js	js	de4792a275b808a2e17037e4926f6e1b32fb1b5cc0c8d49c1adb6cb742920e4b	16.95%	Quakbot
2023-06-15	HAvE2FfsM5qKN3.js	js	08bfcc3151c4b647717d7d7ebaf3616bca9efbc76704fa45c1f547a8a9e32e07	16.95%	Quakbot
2023-06-15	TAtXuMs9L73d.js	js	f0c36fa089e8912689dccdc9af088c2dfd82a3839cd123358b3bcbe9999d9b42	0.00%	Quakbot
2023-06-14	00uptuRUsITH.js	js	83b27be254fa17565d9ef46fe430273b85b142ab5a769f632d1d439e07e53eeb	n/a	Quakbot
2023-06-14	5YNHRsIrH6ZTU.js	js	57ea674c3ccfabf7827408635e7d919bd9bd80a34f964b1550a0853793089555	0.00%
2023-06-14	lOlDbYwf5rMFiV.js	js	e0517a6760a35ecc915698964b78e1a131d195c65311aa6c848c5254822dd508	n/a
2023-06-14	docu_EF925_Jun_14.zip	zip	10e566dcc281e6b991c1793ec7bb7fcf5340ff7c607fbc94780502a1567b8bc0	n/a	Quakbot
2023-06-14	Qkar5wIR4erg0.js	js	7039c75c670048a1229f475146b53304bafa2c639cd2ae8e5b11e4dfcb02e5c9	1.69%	Quakbot
2023-06-14	NaxSTqUp7VGOCo.js	js	cf511c31b333d8e91a5fbde65fe820f6343954ee168d177476664a9aa8000721	0.00%
2023-06-14	F5WaGVReLXmi1.js	js	3dc6376b466935f3e4274c9b2512a32fbf78081607bbb34764f18674b3f487ee	15.79%	Quakbot
2023-06-14	LFAotk6pLsJq4z.js	js	8b2b5ab2f87cee54c8cc50586169b8759ffe94753cdf9084e2f12cd58cadcfc7	0.00%	Quakbot
2023-06-14	Yea2QDFuLFAR.js	js	67076bab342d29b913071be1cd29b60d1800fda7c0f4379f8f5adfb4e3b6f0ce	16.95%	Quakbot
2023-06-14	IgABP14Sb2o9LS.js	js	bf6bd90587cc1646ab66519e30a7343bfce159ac0469a186f082fc5011e4d1b8	0.00%	Quakbot
2023-06-14	J9Ibc7dYW0yL.js	js	36adc1c9e2bd8c45cdc4e1b0c11f8003b933601148dd8be6123d3af05ae95e84	0.00%	Quakbot
2023-06-14	3fDNbmg8kqzK.js	js	c02d10872cba0d9ea47cc36cd92a6784bfbe334c1ff1386886cd6c9b5bca6061	15.25%	Quakbot
2023-06-14	XdQu3FX1q1GF.js	js	54373fa75a0dda2c7fcd65b3fd408617b4476fff9c36c456e3eb3b07961404fb	1.69%
2023-06-14	uQ2TFNzOMgl7D.js	js	5c4e49c1977a1a6350d56c77e09bf00d527cf459ffc47c665697c3cf349bf90a	n/a	Quakbot
2023-06-13	6xZKbBFcl5elIP.js	js	12aa30c168e0bfb3f09cd7bcd823186ae8f4a1bafe7f97e3a0fd6b925433587e	n/a	Quakbot
2023-06-13	jQWEZa5Zg7McK.js	js	1b8f4a5af32fae186acaede95d52665e3059cb8f0b963a4a6d0f7a3c08258fe5	15.52%	Quakbot
2023-06-13	0zB86c1Yw2yze.js	js	de5d5e81e6960f9dd9d6c161de7982eb4502e1bd04a6e671274c76520fd5f5fc	0.00%	Quakbot
2023-06-13	abRPqOJokQcesk.js	js	4e8982e4947c150330946006c0127fadaa61218145f6f113bfdaa965458924a9	2.13%	Quakbot
2023-06-13	IvqEQRq4cyAkAT.js	js	851fd360e88d59579915ce7885ebd7f385f17accfcd3d06c321dbea96e69c960	n/a
2023-06-13	Gt2NB2RuAWvR.js	js	40ae0a5f29fc9b0a2efc8e843fe5532991b1a2286f4afbd85a89dd512377e77c	n/a	Quakbot