URLhaus Database

You are currently viewing the URLhaus database entry for http://webnaqsh.ir/salavat/paclm/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	293046
URL:	http://webnaqsh.ir/salavat/paclm/
URL Status:	Offline
Host:	webnaqsh.ir
Date added:	2020-01-20 23:34:06 UTC
Last online:	2020-01-27 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-20 23:36:02 UTC to abuse{at}hetzner[dot]de)
Takedown time:	6 days, 8 hours, 57 minutes (down since 2020-01-27 08:33:08 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-23	FILE_8404120188976792439.doc	doc	bbf3f412e3b15c98806ea3d173dfa3d18cfeb0b628794ebbaa2727ce704490c0	26.56%
2020-01-22	AR3977403049IF.doc	doc	29487cc347b96694240c5003b2fde7f8e509ac63ea9365249aa1a23c122502ce	27.42%
2020-01-22	5WIAO6VIQXIH.doc	doc	669eefc104d806bd76c96aea4774af65b2fdc557d7bb93f72910014b7093d9c3	26.56%	Heodo
2020-01-22	CZY_PO_01222020EX.doc	doc	0fed8a6d0f31e05943d5e786c31313260f8187f838e8ee21b42c285e41df16cb	28.57%
2020-01-22	INV_RMU_010120_QFD_012220.doc	doc	9756dcc678b46451f83fdfda2c1b587c0c0ed23f343a60636bf2a41683f15f20	28.12%	Heodo
2020-01-22	PAY_LB7621533554ZB.doc	doc	1edd209142cc223e891e8dd444c153f50de141b3239f20dfad8f44bf278752a9	28.57%	Heodo
2020-01-22	TI_34939646.doc	doc	6ae88a641c3cf227c2db6bdc728158b97d4b9f912b642fc6c41e453eda9c27b4	n/a	Heodo
2020-01-22	ST_OBT_010120_OVP_012220.doc	doc	5f685d49710e07b7bf6d016e2e75676bcba151a6f2af4c7f08f826261f7fce75	28.12%	Heodo
2020-01-22	FILE_88502959140535082.doc	doc	70d96ec5e5e5a5da15352cfffba5a86f32d246617e3dbf34a3ba180af0d4281f	30.65%	Heodo
2020-01-22	SW_44874488.doc	doc	4c80edcbb0062e3b1f50fd07de05afa15805203131f6a34ae1dd4f4591dfcf20	30.65%
2020-01-22	49407076.doc	doc	a8e86ce1edef7bad9f725d8f9b127d50d0a80a4e3477a2294f61bd2be001bfc7	31.75%	Heodo
2020-01-22	LYS_010120_SOZ_012220.doc	doc	cd1d589c80332498c1497b75ec3532ce643fa739a27ce32fc53e53551562361e	30.16%	Heodo
2020-01-22	RP_45491740.doc	doc	c4b215a59659e1c91fffadf971f2d9f6a0865a757e23c4ded707e894927c7837	26.09%	Heodo
2020-01-22	REP_NJY_010120_HZO_012220.doc	doc	6c41de0217099d220e5646b6aa20f6e596c9d39e9361de08795ce79c09ec51d9	26.23%	Heodo
2020-01-22	FILE_FV1367224960OD.doc	doc	2060f7df174027271307cce5c7a8ec61c05546b084780a80186d00fc343a2b0f	27.87%	Heodo
2020-01-22	DOC_522417221.doc	doc	336ab3a461e1a9206d529c38bf94f01e340884585fe63edd765c3fd0821f68e6	n/a	Heodo
2020-01-22	DOC_RJIKW4U3OUGB.doc	doc	96e71ebc8855336f1ff5006afcd5167486abf09cebca7b194da01a83388a9053	21.43%	Heodo
2020-01-22	INV_PO_01222020EX.doc	doc	38787b38f9ed7908075086f02ec866791014775637c563d31e7926535cfad02e	20.97%	Heodo
2020-01-22	FILE_FXI_010120_XXM_012220.doc	doc	8205eac5713b6e780f44ca0ead54f7b14258c7553e717184eee2ab927d901095	21.67%	Heodo
2020-01-22	PAY_YJI_010120_XHW_012220.doc	doc	a0855eab3940a455dc8d9abb41fe9a44d09eb1153e79da6e813565d5dac82f24	19.67%	Heodo
2020-01-22	FILE_PO_01222020EX.doc	doc	8bb40f94230c4779d38d4849765d3c668b37c66d257ecbf89fe76f042c850958	19.35%	Heodo
2020-01-22	ST_MCCF7OZBSI.doc	doc	6321d13c864a5af9a0a39e72120db0999714232489e7bf8461b8a795db19a222	19.67%	Heodo
2020-01-21	LLJ_OD2715736337HO.doc	doc	73ae92b67a773aeb211f7520d6d98ff0b4f01babd23ad51535129e1c09c78e97	21.31%
2020-01-21	B_PO_01222020EX.doc	doc	afc71ff2f950fe201610ccb3658ecabd28277de445f299d235048e06bb3c02be	n/a	Heodo
2020-01-21	FILE_QE1413734819DC.doc	doc	4a5b9b9742ab79ec97f03a713d79186193ea89fbdce64cc486bdfeb117c7e7bf	19.67%	Heodo
2020-01-21	INV_PO_01212020EX.doc	doc	b719fe6775a43df4cc11ea66ffbb5923fd8fb3323fe1bacff9bafe830eff8658	18.33%	Heodo
2020-01-21	DOC_907051425.doc	doc	f8b7610b7621a91b5d28857ea340a864fe7c4b11e544e0a8d55b06130078f520	n/a	Heodo
2020-01-21	PO_01212020EX.doc	doc	0ba2bc2d8ddd7c95e3a17870d34c390e31968ea645b5ca3c5978da28719eeb99	19.35%	Heodo
2020-01-21	SW_37009403.doc	doc	0ac7a98f0bbf451a51cb75aa5b065d00e46c0860c7cd1c90a194e8a40a56aa93	n/a	Heodo
2020-01-21	60921246.doc	doc	3b395eb78042a1f0b5703918e01736f33b6d2e250697b802effe097a05ea2b00	22.58%	Heodo
2020-01-21	FILE_NC3205658177GL.doc	doc	f8cd0ec825c89fdfbdcebefa1756132a3f4d14e798d4b8f1833de4b6db4eeb91	n/a	Heodo
2020-01-21	RP_PO_01212020EX.doc	doc	61507dd50818260d95aaadcd23ed886f445d5c1afe613e53e1633c08ee5bdab8	n/a	Heodo
2020-01-21	SQLM_7683165401.doc	doc	dfe2815ab27e806aa38d3a86f0c43e7aa9fca4b580604411f1d339c734d038e3	24.59%	Heodo
2020-01-21	X_UXWYG7VH8U6GGS.doc	doc	ac0a043ddb5cd2ef939889a7dface6d1464766b504e1cf491e8d05d6983e0d12	22.95%	Heodo
2020-01-21	INV_RT9142310261QW.doc	doc	f17aecacb4c59bf2959bded698efef9d09011deaa526b24352fab366fa66dcf1	n/a	Heodo
2020-01-21	PZ_NCM_010120_JHI_012120.doc	doc	3d7638d3dfb9736e90003021fd9a8a5dde3aef6a2d13539f6734043630d1d035	22.03%	Heodo
2020-01-21	INV_NKHI2RV.doc	doc	8f4c14f97223ec8f494ad5728dfc1e5667d176c2400fe9afebf812dad4744212	23.33%
2020-01-21	SW_PO_01212020EX.doc	doc	b8083992ca8cf08ef3353bdea04c93eaeb2c2d9a0840119f89868e27b2261a32	n/a	Heodo
2020-01-21	REP_PP4736785819UE.doc	doc	1a54c57512dbcac388648552cf8ec7536827af1c60f032cf6b3b6fc3197033c4	38.71%	Heodo
2020-01-21	SW_06397240.doc	doc	75c18f408894f1bd20cec6f8a0ee58eeafcdb92b73ab75859ce6132806d9bd4e	36.67%
2020-01-21	IWU_010120_HUM_012120.doc	doc	bab6c6989935ad3265af5fe641a9070d85fafb84e2148f1eb356282fd2a51aec	32.26%	Heodo
2020-01-21	REP_8062260750605389498827.doc	doc	e25410f15ae5145a3b9fb099147c11d5ebb9839ef106c08b07b2aa53319d292e	n/a	Heodo
2020-01-21	RP_17619845.doc	doc	6f95ea0f92c00748e1215edfe2c7b4c7e772776fc5e4c48e67ead100f4c5c835	26.67%	Heodo
2020-01-21	EG1469009944JF.doc	doc	964e177fbe7a317c7e75ed23ba8723e734df7257536a548cc779df5b24cbac4b	n/a	Heodo
2020-01-20	RP_PO_01212020EX.doc	doc	bc613922a454677dbaee2bebc736d388f90e99ad1865ecf5ed474e13a83e5a4b	26.23%	Heodo