URLhaus Database

You are currently viewing the URLhaus database entry for http://cepc.ir/wp-content/public/v4l0z2jgqrn/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	271099
URL:	http://cepc.ir/wp-content/public/v4l0z2jgqrn/
URL Status:	Offline
Host:	cepc.ir
Date added:	2019-12-17 23:12:03 UTC
Last online:	2019-12-20 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-12-17 23:14:03 UTC to ripe-abuse{at}hamipars[dot]com)
Takedown time:	2 days, 8 hours, 54 minutes (down since 2019-12-20 08:08:22 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-12-20	BAL_58892018859196760699.doc	doc	94ea280d7309a499f9742772c221572f0fc1e44b78057cfb8c09e6872c7283f3	29.51%
2019-12-19	PAY_ROMFKQAD0.doc	doc	52ad170020b424074f08671fd28489a1d7565cf98d6543ccd7293fa6ef961e55	29.51%	Heodo
2019-12-19	OK8204134521UT.doc	doc	6964014b69bade0d221fd7af866add333c9b60291bfc41bef70f42263a57d6c3	29.03%
2019-12-19	INV_O2G2C61XD6TH1KC.doc	doc	418448a9e03c300d29a1442db6c5a6b38b0458ea72f09e6cbce326f32b95b84d	31.15%	Heodo
2019-12-19	BAL_IR0063766374XF.doc	doc	329915e7a80ca2eaa941d1e7dd96c6308f5cdf054dbf8e8d546ae0571e5ebd43	25.81%
2019-12-19	ST_PO_12192019EX.doc	doc	3588991c8173834c8c413bbee1c1f5dce7f308ead3e9339e250c75e95459921b	27.87%	Heodo
2019-12-19	RP_PSM_120119_QNW_121919.doc	doc	99f5916f3803009668c44ca41a2ca4b5a17f9647163738438946951f7d3930b3	27.87%	Heodo
2019-12-19	DOC_062535061419.doc	doc	856db418ae86d091dbe54c6f710d19e8ea0da98981bb21d959bf50db97393154	28.57%	Heodo
2019-12-19	BOND_93530769562857612454373.doc	doc	f3e5b744b082ac91f4569bd3795822a360b43e848ae1354b0b93a2a63cee1f84	26.23%	Heodo
2019-12-19	PO_12192019EX.doc	doc	983bfe2db0099f8bedff111f84e467d8ca14e731d3338a79aab5573d2f2b8412	26.23%
2019-12-19	FILE_PN4XS5H6.doc	doc	6a209d185231e9b9e146b04a44e886d6387f51a8972bcb3f0b492f9c11e8c0c5	22.58%
2019-12-19	HR9191640352AQ.doc	doc	12a6d597072bb87189f674704a2c3645a812050289fdd6325627637f60f19587	22.58%
2019-12-19	RP_484901935826892730.doc	doc	e4cff33774c6680c4f2e21c49fd53035033df8960dcdd09ab257f157f3bdbd09	30.65%	Heodo
2019-12-19	HD0128916439ZL.doc	doc	eece617e68c6bd59cba0abfe3a92b1bd28f333ded755fdeecdf32aa5d9369d44	30.51%	Heodo
2019-12-19	A_UR9791811235HT.doc	doc	8e0c8ce71d167427a04e9522cf9e4ee7f7a9eca9261c0dfa41d4d8f48a265031	30.65%	Heodo
2019-12-19	QEB_PO_12192019EX.doc	doc	ca0774fb16973d2ece0be648b888e477193ddf8a4ee79065845e730a8c3015d2	24.19%	Heodo
2019-12-19	PAY_24267090.doc	doc	7b59717378331890255ad1aee1b7581861360cc08cb8285756a7ba1bf76a6bf6	24.59%	Heodo
2019-12-18	BAL_AIR_120119_LGE_121919.doc	doc	2f37a55acc32e7d59e31d6c98effdc3171e447d51f5aceea59451fe493461b9e	25.81%	Heodo
2019-12-18	PO_12182019EX.doc	doc	53c21d965d731f212e3c62743ad88519b2a4290af20dfadf8ba74762743317bd	27.12%	Heodo
2019-12-18	P_84814339.doc	doc	7af0436052fc188b4873f17046e2e073a7a82706179a796f82c27b32a8fcb95e	24.59%	Heodo
2019-12-18	5807858525149264756422826.doc	doc	8b974a004a4926372021ced18f1b480e32367d38fb9e5e8e29ef08f9b03232f4	24.59%	Heodo
2019-12-18	D_DAG_120119_JSF_121819.doc	doc	6f2ee6ab0615008c2f192248ddd134e9128b5c40bcd96650dfd4ae5b971b3dc8	23.33%	Heodo
2019-12-18	FILE_2CUDM68W7LUE6XXD.doc	doc	c7a4384f56804bd3f32c9e65713fb455ce84bc5a3d45a65e8e7ad429c17990ad	22.58%	Heodo
2019-12-18	247OMSN99NYMH.doc	doc	171e26e1ed7f8a422b2a0f5098949d0faac6938cabdf6a5ef2aeb95761c92eae	22.95%	Heodo
2019-12-18	BAL_PO_12182019EX.doc	doc	267c6b931989c13475cfdd22641b07a8fe42059c916f87d6c3f186981e675709	n/a	Heodo
2019-12-18	ST_IP9819837286IE.doc	doc	751bc11854450888ec606d7c725c004e83771068cfcb57409ae20ee399d7e5f6	21.05%	Heodo
2019-12-18	INV_PO_12182019EX.doc	doc	d19458049a137e1bfcd3f580aeef39686b6e1ea204dbf4f4a3abf79bcde08016	42.62%
2019-12-18	INV_0902964868328081.doc	doc	53f9a8929a317cef9ef0be07118146e7ca56149c35b7552645999b1c6ebae147	n/a
2019-12-18	PAY_PO_12182019EX.doc	doc	862593f0ec4b40cc1593362375fb3751cc51fc9f73e14dd6e5681c81433d3472	41.94%	Heodo
2019-12-18	INV_KD2913627356XH.doc	doc	d93540d00b3e0df9c0d44218338d46c79dbbe156480a89c7f298ae1ededbc1d1	42.62%
2019-12-18	SW_MXA_120119_OHQ_121819.doc	doc	7c7fe6921fd0483b165be4f787c8d10c0cc92e33a275dee48ab6454ced2df79a	37.10%
2019-12-17	SW_ZET_120119_XIR_121819.doc	doc	d494fef0346aac9497abd8465b6e3bd64fce90b32a1e2048737ae5ca345b7d1c	n/a
2019-12-17	BAL_5U9N1ZBJITJG26X.doc	doc	30d32e0187649a1613e5227d8764a5cf550f6458d7af759be91949fb28206e5a	n/a	Heodo