URLhaus Database

You are currently viewing the URLhaus database entry for https://fanfanvod.com/lda/open_resource/Ppajf_AZ6tuHzZ_forum/TAfoqZKWvpA_5imeJy7znuIo/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 288461
URL: https://fanfanvod.com/lda/open_resource/Ppajf_AZ6tuHzZ_forum/TAfoqZKWvpA_5imeJy7znuIo/
URL Status: Offline
Host: fanfanvod.com
Date added: 2020-01-14 19:35:08 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Spammer domain
SURBL: Not listed
Quad9: Blocked
AdGuard: Blocked
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2020-01-14 19:36:02 UTC to abuse{at}sioru[dot]com)
Takedown time: 21 days, 2 hours, 30 minutes Bad (down since 2020-02-04 22:06:14 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

| Firstseen | Filename | File Type | Payload (SHA256) | VT | Signature |
| --- | --- | --- | --- | --- | --- |
| 2020-01-17 | Attachment-5753253411.doc | doc | 3b3388c5f0830c3beaed1ffcafef5d5a5a63e4e7c7ac455a401d15745f9c4b6c | Virustotal results 56.45% | Heodo |
| 2020-01-15 | Untitled_876821.doc | doc | abbac4cfe051493dc1f2e9622f16494e6dddd3bea503031cd4d178fadf50593e | Virustotal results 31.15% | Heodo |
| 2020-01-14 | UNTITLED_54795.doc | doc | 94c08dc1525df7f0ed38e3c7b6b60c548e0e1387ecaf0691b835388d35d625e3 | Virustotal results 24.59% | Heodo |
| 2020-01-14 | UNTITLED\_{:REGEX:(\_[0-9]{5,12}\|\_[0-9]{5,12}\{:REGEX:(-\|_\| \|-\| )\}\|\_[0-9]{5,12}\|\_[0-9]{5,12}\{:REGEX:(-\|_\| \|-\| )\}\|)}.doc | doc | 719cc760cdcd62afd663e6813781d494443f47988388cf0ba10ec6b93f74103a | n/a | Heodo |
| 2020-01-14 | Attachments-49646189603.doc | doc | 8ba6b30a8b1f359d94b21946288b672916b5090161d40e97aec3d5a2bcbea0b2 | Virustotal results 17.74% | Heodo |