URLhaus Database

You are currently viewing the URLhaus database entry for https://icosmo.ir/wp-includes/gnmem-go2xe-7551/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	293207
URL:	https://icosmo.ir/wp-includes/gnmem-go2xe-7551/
URL Status:	Offline
Host:	icosmo.ir
Date added:	2020-01-21 04:32:08 UTC
Last online:	2020-01-26 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-21 04:34:04 UTC to abuse{at}arvan[dot]ir)
Takedown time:	5 days, 13 hours, 34 minutes (down since 2020-01-26 18:08:15 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-24	Invoice Z91_8840104.doc	doc	d4a5dec72600091f43cc79f5efc5b76ed09571f1a906a6fe4400b3ff08341638	25.40%	Heodo
2020-01-24	Inv VYV4757_029078.doc	doc	d830dd74d73625f82a36da760445920cea41b3321cba4769dd421d38e5c8b366	26.98%	Heodo
2020-01-24	Inv-EW9_232379.doc	doc	21ed646e9c73d65b5355a50adb7b3a7b2f6d76b45d4248e2ad2480fd784ee8b5	25.40%	Heodo
2020-01-24	INVOICE_KKOK2_006510.doc	doc	e6227f508ea8149469cf318e6939e1fd1d8b32b728997677e8220d7c4b827ac3	25.40%	Heodo
2020-01-24	Invoice_KU79_0190160.doc	doc	f650d229a5a7baea3cf86104f874121c82bb34994d2be1d3344cf45769387acc	25.81%	Heodo
2020-01-24	invoice_YLFY295_716617.doc	doc	7c181b5800d9b531de9f431cbd6947e93f55ac0e5f6fcad200acf2466f411a8c	49.18%	Heodo
2020-01-24	INVOICE-W6_669564.doc	doc	1824cc4bac3c95af19bb19db000fa09999ed3e4ceff6bb1ca9af0ab4a96104e4	47.62%	Heodo
2020-01-24	invoice_V4079_264534200.doc	doc	614057ec99d029b526fc3313b3385293cbb2a480d15596dd0a975d679fd753d9	46.03%	Heodo
2020-01-24	Invoice-R2548_50133819.doc	doc	5c566546a1462e17becc0023ddfae0f8e4d8b495e4feda5bcc5f7fa52e0ddd0a	45.00%	Heodo
2020-01-23	INVOICE-XFVE05_350525007.doc	doc	4d65aa1d4d4356e59a68839a7e437a4e3d207e6bf481c90baf4ba6de5b9d0ed4	34.92%	Heodo
2020-01-23	Invoice-G6152_823763628.doc	doc	4cb4d8d3fe9f861f5ab75bb11d23fedf98a1561b3aac9173f5dc211b8bb8bd5c	40.62%	Heodo
2020-01-23	Inv-2_4311308.doc	doc	69896fb1907aeb3711bc79924a6aa0f9d636605647439f36e14ad1e7c1afa917	31.75%	Heodo
2020-01-23	invoice 469_040619353.doc	doc	af8976ac691aa40327d9844ef283ec4de84fd38c56d57218befd747516e4e92e	32.79%
2020-01-23	Inv INNO127_0192641.doc	doc	12958a0020162751f99e336844423a03e94d65328cc2bb55a570293e54d2a0c3	32.26%
2020-01-23	Invoice-ZQI247_618691650.doc	doc	3475216fd7f40791c7a6f620a37544ce6ff9866f4ade999ad3e4eab76ccb91a7	31.75%	Heodo
2020-01-23	Invoice-ETPL3409_456174.doc	doc	93500a32e011f40c983cee5dd2d53b447421643672ec0823b81e5f7d5125a6ee	31.75%	Heodo
2020-01-23	Invoice P51_41398416.doc	doc	3ceb6736ad41ce7eab6677db54901559e0f3aec143fea7d74390afa03e0ec421	30.16%	Heodo
2020-01-23	INVOICE A680_689617.doc	doc	9bbfe0b457184f41255832ce9e3b15e25fe0bdb51a9ecf942163063c7f38acc3	25.81%	Heodo
2020-01-23	INVOICE-8_0797061.doc	doc	f8a99bfbf6c324f6f76f07ae81630edabaf926a75bc2bc290abeb01d910b9a67	27.42%	Heodo
2020-01-23	invoice-00_9598620.doc	doc	4efe99e760c862d17d3128bc8c9bfe85a4512b981ac9944bd6f3c38d0d02651b	28.57%	Heodo
2020-01-23	INVOICE_KJ37_210104044.doc	doc	c72dd27b499d4dea90b30a82818446418aa2fe8c1cfade8a1912d1e757a4204a	33.87%	Heodo
2020-01-23	INVOICE_6062_4437216.doc	doc	aa561ec45a890d783fcb412768c706f829bf7648de033cdd190fab9584ed7a40	26.98%	Heodo
2020-01-23	invoice-DLVX2275_065785421.doc	doc	bcd78fb2ae376c31ea21a7d1b7d110e4dd0a49c9a8261bc5f68816e4d1091bbb	22.22%	Heodo
2020-01-23	INVOICE-21_17362414.doc	doc	93cac8f7e51e270b89a9c834216ec2cdc9273ea5cb5cc6f31bf7d2b145c36776	21.88%	Heodo
2020-01-23	invoice-M2_73540539.doc	doc	68ac922c713a804c7deb999f07b98b907019e4c339554a965ee4251d5459b660	22.22%	Heodo
2020-01-23	invoice_A996_65199827.doc	doc	0f8e10bbdc8728918591e85cccb046c2773c40bac92da35c9474905528e4f22e	20.97%	Heodo
2020-01-21	Inv_9_3254287.doc	doc	83740fd06a390664d028dd6d88e746043c92d6fa71f3d3c3c11b4037e3814daf	26.23%	Heodo
2020-01-21	INVOICE WJH6_40152365.doc	doc	53939e69f5db9c35729b5d1f1af75235b246f43c436fa05fa6fcbc4da9c72077	24.19%	Heodo
2020-01-21	Invoice IRF36_3383686.doc	doc	550771bc583f1691f3f2cebecfc10f027ee98291e072a6e2ce7f2cde126077a5	24.59%	Heodo
2020-01-21	INVOICE-E933_472801964.doc	doc	95852bc2a7d2fc8fbc3ce8c4a1cde2dd4142f857a564791284b600c43d5d3120	25.81%	Heodo
2020-01-21	Invoice_JJU9139_52050831.doc	doc	30a7bced6bd50ca952a2601c976877e665d04b882ba5f6c66efcd064dde6f339	25.81%	Heodo
2020-01-21	invoice-187_7547954.doc	doc	41a39aba7e866bc9556210ca2f0fdbb66cee751719cf7ca1f6ae526ef0005460	n/a	Heodo
2020-01-21	invoice-MED42_56511992.doc	doc	c9b288f025cd8dd448fc3b9a7315b5f54fd97d274d7c3716334e92b10c22bad9	39.34%