URLhaus Database

You are currently viewing the URLhaus database entry for https://mirangallery.ir/wp-content/common-zone/FHhHNa-HuFXytdkkWvp9G-cloud/54716410-ffDLwnsTlwmm/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415412
URL:	https://mirangallery.ir/wp-content/common-zone/FHhHNa-HuFXytdkkWvp9G-cloud/54716410-ffDLwnsTlwmm/
URL Status:	Offline
Host:	mirangallery.ir
Date added:	2020-07-20 17:37:06 UTC
Last online:	2020-07-21 14:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-20 17:38:02 UTC to abuse{at}ovh[dot]net)
Takedown time:	20 hours, 22 minutes (down since 2020-07-21 14:00:26 UTC)
Tags:	doc emotet epoch1 heodo ZLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-21	REP_20200721_QE519.docm	doc	15617b37ed587c9af7ec3de8d4aabd3de95ded6604f652abea14822da2c94ce0	28.33%
2020-07-21	Mes 6663.docm	doc	3b2f5f46ff691d1339cd98d00d79cfc31b0a7c7820a17c45c7be9197a392f2f6	26.67%	Heodo
2020-07-21	Inf-M734.rtf	doc	c7822a15dfb48ca078ebc0a41816b3bb1925bba9198831892a7e77fe64e84f42	n/a	Heodo
2020-07-21	file 20200721 5889.doc	doc	a82dd2141315d36a0f9ba74bb443a40e0495cd089323254c35d0c4686249de7a	24.59%	Heodo
2020-07-21	ARC W88321.rtf	doc	55a103c16b3c4d8958091e55cfb62091fd2d209e07ffba0a5c88252946b8ae39	25.42%
2020-07-21	Mes 3620900.doc	doc	1cedf6604408daa4487f0f7d69db320dccc441b5a37ab755ba99d159442acc50	24.59%
2020-07-21	Mes S2808.rtf	doc	0f8288ecc5022d06cdad8fae0c835f114f39303b84778aa885154623802bf532	24.59%	Heodo
2020-07-21	ARC_2020_07_21.docm	doc	deb29a892e444cde34fe7642bacbee1bf74d35fcff478966636eec77c5e28646	25.00%
2020-07-21	MES-2020_07_21-CHV403.doc	doc	2e716647297132c94bca63747c48379889273658b12366fbe0e689a2b9966470	24.59%	Heodo
2020-07-21	Inf-20200721.doc	doc	14f298945ba541ac7f6cf64b12d67423fffd432bbf2e598d25cd50f0e8cfd86f	n/a	Heodo
2020-07-21	Rep-2020_07_21-412.docm	doc	7b19a0f8eec4e97830795e9551e2f09ceb4fe93fab484152127439f952f2b404	23.33%
2020-07-21	Doc-20200721-96929.doc	doc	a8d9eceee2cd3735b96abf3528e7ec3e8e2d8ceb8991c00c7ff479e9034655f5	34.43%	Heodo
2020-07-21	list 33503.doc	doc	aa4a6dae1e4ea4aaa6e4539fa9a3fbb129544c7d56807321757f41321b723abb	n/a	Heodo
2020-07-21	Inf-H34007.rtf	doc	b56639e31ca0b91be1be4530948430617abbf4a71376d356b7521b5044767bca	34.43%	Heodo
2020-07-21	List 2020_07_21 BLB0094.docm	doc	793132996a7b6875055c2bdbde2173f37e68ce5f04ab651acad13f84ab89cb82	34.43%
2020-07-21	dat-20200721-36981.rtf	doc	276568f9c3bb230aabe183dbfd02ad1c36b7aa141d382d34a839a611a422c07f	33.87%	Heodo
2020-07-21	LIST 20200721 085.doc	doc	9e7349a986f7139a74245edcc8f0028bd6a10f81e79a7ac8bf7134e6d4932c2d	32.26%	Heodo
2020-07-21	arc-20200721-3864.docm	doc	754a0bebe018b079d9d9260256ea2106b4b5ad9a654c8b8a1989bf6e3f4568f7	34.43%
2020-07-21	MES_20200721_A936.doc	doc	5816bc271d88617e627d64210b8ac9df417f8072b362af861ade766137eb1564	34.43%	Heodo
2020-07-21	LIST-59909.doc	doc	ace014e43d78870f28d2a732d72b60fe0c602b71dcc8771989e5cfc0bb1e0bef	33.87%
2020-07-21	DAT_2020_07_21_JH471.docm	doc	3bc869822322f3e700ec706660323daeca6ea90553d0bff45ce1fdc1ad6dfcfb	32.26%	Heodo
2020-07-21	LIST 2020_07_21 410.rtf	doc	122b0d68ee819b2ceb91c0b2cdcc0327860dadbb29f884a776968a58c9480ec4	32.79%
2020-07-21	mes-WU38535.docm	doc	32a11fccc02f1372c54ca027f00c35e33268d3819191a348b9096fd3853ab6fd	32.79%	Heodo
2020-07-21	FILE 2020_07_21.rtf	doc	41718a7885dc57496b953e118a0e425ba2af1e37a2a3a868cf05ac83e3db792f	32.79%	Heodo
2020-07-21	list-20200721-308608.rtf	doc	276dfa20b9cffd3ac104aeafed599b2f70a9fd0e8d4faf1d86ffd46e8354a416	32.79%	Heodo
2020-07-21	arc 20200721 779080.docm	doc	cd605825d74d60677fec41c84dc39462658ebbd5edd8e29cfe9610a29291b3e9	32.79%	Heodo
2020-07-21	ARC 20200721 392526.rtf	doc	1ac71bc3a613397302fc4eefbe3d81f107740541b6a87e051b452eaa6e74f3b8	n/a
2020-07-21	File-BI036726.docm	doc	1236dd4116a2c4ba4427175d0a3e88c848f70dc6219f6b22f1997ae3ba80ba14	31.67%
2020-07-21	rep.doc	doc	4e34674eaa422795c92ef9cb66994e18a57553e217b4bb4de69c1369608e36e6	31.67%
2020-07-21	Dat 20200721 B75666.rtf	doc	49b857e2068f710d1facd444264c6d8804ecc9e2ba9660953b24bbf213cc66ba	29.03%	Heodo
2020-07-21	file XM597.docm	doc	33e64096db5340fb26c5b5d6f9b1dd89674d3a77a96a25fafcb878d9929fc9da	31.15%	Heodo
2020-07-21	FILE-W83831.rtf	doc	99c6c8f02c2fef792bc8a5a6406b0baa294156cb38b8df191f98cfb5a90547f5	30.51%
2020-07-20	arc 2020_07_21 3793.doc	doc	cce8e5e706869261ede523822b673dd52e48d4351de8600f5ac209a7f0189629	29.03%	Heodo
2020-07-20	file 746730.docm	doc	0d657d365282571dcf58adbb3a758c81fa3df50bc081a60d01f14c5431b9492e	29.03%
2020-07-20	Doc_20200721_QH687.doc	doc	518def77204a86e55289809beda7c491b0f9ab290b10d7b4bae1c670a0f69c8d	29.51%	Heodo
2020-07-20	Doc_6764.rtf	doc	f83e32a15080c0f31451809377046083d52daef3354edecea6db6ccf4158a43a	30.00%	Heodo
2020-07-20	inf 20200721 382.rtf	doc	68f85e639cf07fc84c8204cec1bd82fd8985d854aa17d02c89b58b255b98ed48	29.51%
2020-07-20	FILE_DG110.rtf	doc	a6ca24bb5b1de30cd63ecceac1727ca4102ed289d65fa05c550c4485e6ca372b	29.03%
2020-07-20	Inf_AM165.rtf	doc	c0696d196c346305861f4e358f48f216dcdde4251309abed3547504007cb858c	27.42%
2020-07-20	INF EXS6040.docm	doc	616dde6dc6e22e28f4149e26996578dde114b40f896cee3cb36165d52ff70857	27.42%
2020-07-20	Dat-97445.docm	doc	1269bdbbc40be92cc1f13918a692b34fdfeec466bd7d872863ecc405ff38f77f	27.42%	ZLoader
2020-07-20	mes 2288398.rtf	doc	c6050ddd07c6d8c4aee73c52d0e50d6056ebd5f3e82550d8c771fc4353d489fe	28.81%
2020-07-20	DAT 20200721 LSW2199.rtf	doc	eccf2d10cb44fb11136e2edaf7af5de351637d1479888142221354abf8986760	27.42%
2020-07-20	list-2020_07_21.rtf	doc	ec87e9999c894cdef59c964d06c6de6c7a7134d373b4e754180d90dd5fb23f64	27.87%
2020-07-20	list_2020_07_21_8963187.doc	doc	d28f9dea8c5837be7474d3735799da462ae74c0a0f3e7279a3eb8a50ba6183ee	27.42%
2020-07-20	rep_2020_07_21_55408.docm	doc	d6da6435e94d2fbb2a3847c934bf0b6d41c613337ac951b10fd5851eb98a9bf3	27.87%
2020-07-20	mes-LQP715.docm	doc	f4295c97af0389a32cb42495d1b102a8e8698e5f107c50034cee1d0ef8735a1a	26.98%
2020-07-20	inf 20200721 NMO078230.docm	doc	eb1f1cf5bb142fb70ac9421ceb472dad3f583fcc852ae768c1ae347506cbcc04	27.42%
2020-07-20	ARC 2020_07_20 6809126.rtf	doc	dc9d3da24212096b6029163166558cefcd8b37aae588dd461d9b5c02700700af	27.42%
2020-07-20	REP 4341718.docm	doc	ba9dea8d19d91af5e263e8bb98b6ef25c7f8d994944b6d6a0ecae3fae653199a	27.42%
2020-07-20	inf_20200720_V564104.docm	doc	a1064f658ecf514ba982b19196bb1ea0b7f1e85661c20777b3e93093510db141	n/a	ZLoader
2020-07-20	Arc-20200720-53533.rtf	doc	dc83903be08352444bfd3116d33bda30da619c60371f037e0bd56f82a2a768fb	n/a	Heodo
2020-07-20	REP-2020_07_20-3978211.rtf	doc	eb193bc39825dc7e1397022e2a0a3a3e304be6b65d8128280fa02d2ebd1099c6	27.42%
2020-07-20	REP_MAV65901.rtf	doc	cbe8fa6812edba1a4e2b1fe7c30f6cbf05f21e5935e95ecbdda6d3f5d3b6de9e	n/a
2020-07-20	Inf-2020_07_20.rtf	doc	d15b22e83039303eb5d1e6301196c50e06877bfd99caa5ab3fb87f1d7d91fc0b	n/a	ZLoader
2020-07-20	list 2020_07_20 PJJ41997.doc	doc	c8b4b7e686954bc7ebd4115f98ec29527b1b0d47d1a817adebc3c6b44c26d787	25.81%
2020-07-20	rep-20200720.rtf	doc	0cd73a229418caf24e599b0db39e5ff3ae2903ffb83340c026c0ffa0f7e9f86b	25.81%	Heodo
2020-07-20	file-T655.doc	doc	2ed0a17884d80b91110cc117b3963361ae603c91ce2cd60de6131972d6a047b1	n/a	Heodo
2020-07-20	doc-2020_07_20-47905.docm	doc	0166f61ac625e1b9d1c2fdd21754f660249388b5b9a7bc3b2f573c7aba127e27	26.23%
2020-07-20	list GI58656.rtf	doc	31adf970450cb8a76809bff658f19a6e62c31894dee3957e3374752544f042d3	25.81%	ZLoader
2020-07-20	mes 3174562.docm	doc	a8b114a82f64917ed11c8e081de40eb7121b26ae5e8c8aae05d858ec88c370a1	26.23%	Heodo
2020-07-20	DAT 2020_07_20 55009.docm	doc	04a35f7b397982fbe11de7e8ab4c378f98ce92328cbd34d3c67051cc4e3baa59	25.81%	Heodo