URLhaus Database

You are currently viewing the URLhaus database entry for https://www.dl5.zahra-media.ir/dl5.zahra-media.ir/l34jaFq0PIh3/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2167520
URL:	https://www.dl5.zahra-media.ir/dl5.zahra-media.ir/l34jaFq0PIh3/
URL Status:	Offline
Host:	www.dl5.zahra-media.ir
Date added:	2022-04-27 13:18:18 UTC
Last online:	2022-05-29 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-04-27 13:19:11 UTC to abuse{at}rasana[dot]net)
Takedown time:	1 month, 2 days, 7 hours, 3 minutes (down since 2022-05-29 20:23:09 UTC)
Tags:	dll emotet epoch4 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-29	xAzy5pNtjfYqUpLuNp7hWvsUPbS.dll	dll	6741647ddbd9ee98a11f54d8c6650c7987fb0f2fe3df05e3db911e4b6e518471	13.24%	Heodo
2022-04-29	6s3X7iy2wjDItPntoS6wB98IluXFhy5.dll	dll	cf119fa417f92b2e6784a4d019963691561953f6cb50aec02618e49b3b0d768e	n/a	Heodo
2022-04-29	ogp4HCRtbMDadv.dll	dll	dd4621aa10da48188922ff4cefe6608c74592fdac8fb7acff5457b9b0f199ccb	11.76%	Heodo
2022-04-29	l0NwgZFkOva5BiyB8uhS.dll	dll	1d333a8d56c25aff698d3939060fc205832e12ba3424b40f507d4db7a58899fc	12.12%	Heodo
2022-04-29	C7OYhCln5zQ.dll	dll	11f5ea059993c77487e5e699fbcfd98425f22099ede7dec792f570b55c64269f	10.45%	Heodo
2022-04-29	QSMHZltVyT.dll	dll	f053c984bb223a47c85d7f37d6284227f8a224c2284acaeb79640dadb2666788	11.76%	Heodo
2022-04-29	xG9uzQfcwFG0FGEfPlPS6YzfatFH.dll	dll	ffc90f20190226bb86eb1a1eb7a5a23e8073e786cdbfba2984718ca039fd137c	14.71%	Heodo
2022-04-29	gsnF6AU2KPl2C.dll	dll	f1f87c1497f7cbd7ab6634e3adb83d7233184f3146ee2d915cbddced7574c919	8.82%	Heodo
2022-04-29	q07AUuIzeummP3K88cyC.dll	dll	f9ce809794f31b1a3e47b0dba629a3493e81139435cbfb2fab83e68d603ea457	n/a	Heodo
2022-04-29	l1YqVZ4tK1j2ss55IlJbQzzZ7.dll	dll	a15149cf8b4ec5e10413d02d85be47a8163f3f812d1ee49989b0af7130e33367	10.29%	Heodo
2022-04-29	nkpRkqHeiz8POOm.dll	dll	cb816e3fa7850ef0cf7fafa93ec483e8356f8335f3dc885bcb65b719c946226d	8.82%	Heodo
2022-04-29	RCo0EiWLs7BM.dll	dll	35b616b65dbc5c0ec2892106e3f4e0ff4e9dbad4b583f457f50485ded12cc73e	8.82%	Heodo
2022-04-29	q9xOOVoRBoL0aif5QngNStYeHE.dll	dll	cc6929934bd690adbfe57173783096e702b35636fdfaafa2d7da3c3a6cb9aae8	n/a	Heodo
2022-04-29	Bau0laJDnwERVL4ftKJmKGm2RIErNDE.dll	dll	e594e2f43063475025ad01a38f758a8e5250139748acd885d74cc968eb6508e4	n/a	Heodo
2022-04-29	ZPpFjiYwlzG7f8KKh3fzK6Y0o2uyw.dll	dll	881a297dbce80117b21f0626745b922e3a78a3cd39672c313295086e384098cc	n/a	Heodo
2022-04-29	NZhXbmm.dll	dll	1ffb018fbe126443e2ff475a50f2c548ce8df04139badf92d2e72907ceb508c0	n/a	Heodo
2022-04-29	w3NnKD3kjLWjv34mthiofcYkKa2UHnaJ7I.dll	dll	a3bf7a9c0534a73374274c39c2a4cdee7e01ccf3857ecab0591d33103bf4cf2c	n/a	Heodo
2022-04-29	bpGpyKVvha.dll	dll	31d86ae9d3a7baecd7ebe09137e7101d3deab0f6b08d00e332076ea14b59af61	n/a	Heodo
2022-04-29	87xhjzhMMEFeHV111kLqlqmQb9j19zRNU.dll	dll	f8ba571a5badc834f1c0f4ab4f9f34abff4178ad3e79a4f73ee125821d50a6fb	n/a	Heodo
2022-04-29	d3nuFg.dll	dll	cb4423820f6e3ca66165c383d596438b57022022902acd64245c80cfb999e31c	5.97%	Heodo
2022-04-29	2EFwl7pBfk.dll	dll	3fa483f00a452751649d65d5e9462c103481c524ab21f86b414f82fc51b80e45	n/a	Heodo
2022-04-29	6TC9Au4iRirW5F4hti4fvISXc.dll	dll	250a880e42d8936eb54d7e04b9585d7f51cadf8eb17186904d33bfc121d24fff	5.97%	Heodo
2022-04-29	nrCCa8HXPVx5IUJUttU9J16qCvq.dll	dll	9e8cf25bdec3e5672fbe40b3b99f9b9bc1a09b7f11134299cc1774e2b8ef42fe	6.06%	Heodo
2022-04-29	342m0s.dll	dll	3eae41e9add533a635fb96e399b943f1f9d12abec39423d6ffe2e3b27eb3ceb9	5.97%	Heodo
2022-04-29	JNLLhPfjOcV2AykCNPl1.dll	dll	c16d8d9de30ecbe1bb4467cd90f8a43bb3af2384a9cdc0f8b78f14a83f56ba39	4.48%	Heodo
2022-04-29	GEZYLLNrIuPaNtR3dB6.dll	dll	f8ba7b9558b9e5eeb04eb088a1c218437c401294d3d02bd34eafb8a3412535f2	4.48%	Heodo
2022-04-29	OBAW6XWLjeU85qppewjYVjJVqbdfi.dll	dll	853eb9ae884441684fe00c86026ac9769acc5015fef1173b803ba591494e5f01	n/a	Heodo
2022-04-29	bCkvjeXQ.dll	dll	3e7236627d2ad794175892e3090c1b6757934d73d846da5edefb68093ca59cd5	19.12%	Heodo
2022-04-28	Nqhj6jwiAib9WLgRbZlIZRr.dll	dll	211bb2b934c16cf06146d5b5e7ae38963d3e060f77f2ab0e23b1a5601c1dce63	17.65%	Heodo
2022-04-28	hzlO77FGich4S.dll	dll	1daae776c5a5c2297985c81a4b2997d4ce09c5144e880cdbb68c681f167bb9d7	19.70%	Heodo
2022-04-28	Ecv6DfbKQmMWIs1uCOztrTE0uOfwakJq51.dll	dll	75421db8e85b3f997ad57a7ec9737071ec230cf61b3b7d281f2930a05b7a3226	8.89%	Heodo
2022-04-28	xVbvj5psOFdciC5reMTwx6.dll	dll	0204091a2b916ecdc6b5f327dabd6ac6b0828a073573e89a72e54722d47d258a	19.40%	Heodo
2022-04-28	TablXq3Sj3njP6F9hZFR7aqvI6zRzOq.dll	dll	e05243ec70891d75bbd33d5ac93a6a4f40adcd1d0f9e3e6f8a9cc2331b5c11c6	12.70%	Heodo
2022-04-27	nFSjyIz4XiFfxBp4Vrk.dll	dll	b481ac05ea9a59eedf6233166327057279babef26c913a8e89536472b192e86c	9.09%	Heodo