URLhaus Database

You are currently viewing the URLhaus database entry for https://vanatun.am/wp-admin/multifunctional-sector/verifiable-cloud/5IB85DB-xi1hLbp8hy/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	418083
URL:	https://vanatun.am/wp-admin/multifunctional-sector/verifiable-cloud/5IB85DB-xi1hLbp8hy/
URL Status:	Offline
Host:	vanatun.am
Date added:	2020-07-22 22:20:11 UTC
Last online:	2020-07-23 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-22 22:22:03 UTC to abuse{at}hetzner[dot]de)
Takedown time:	12 hours, 9 minutes (down since 2020-07-23 10:31:23 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-23	MES 20200723 Q8291.docm	doc	654e6bd6920ccd6177242d7e58e504e354a9e5fc0be08816ce3afaa64b0dee93	44.26%	Heodo
2020-07-23	file.docm	doc	885dc147be1221ecee44115a61f7df1e11df4c2bfd930c5dc7e3c8ae1910d1d9	n/a	Heodo
2020-07-23	REP-964323.rtf	doc	c16f62ec18e9ca91236dfbab6da3e98fc15a8574e3c66dcb4c652ba820bac07f	45.00%	Heodo
2020-07-23	list-157466.doc	doc	ac7930487897476241e49fbc630ae0da49daa5efde7a3b8f017ec4e1a6d97133	45.00%	Heodo
2020-07-23	FILE-44910.rtf	doc	907cdbd0036f8c72ef0830f26aee15b16f5498fe3fb88c9ac852fecebcfd2771	44.26%	Heodo
2020-07-23	Arc 20200723 R939476.docm	doc	1b96d3881a05f141dca8c4cc847ff24cf5e03d3e37e67333351cf7cf4bb9e32a	44.26%	Heodo
2020-07-23	Doc-2020_07_23-99946.rtf	doc	4e765584956c4f9fe770cd92e1d32522023508d48ba53b6ce7ace6c04d4e8d83	43.33%	Heodo
2020-07-23	Arc_20200723_936880.doc	doc	cec6250fbf5fb227dd2bdf92b7031f41fa3d65fe1f1d5a441229c14913884ea0	43.33%	Heodo
2020-07-23	Arc.docm	doc	3871eed6206b0a99254d0c9687c02a628857c89231e009285a476dacff80d98d	43.33%
2020-07-23	REP_2020_07_23_ZE631980.docm	doc	769b01f8c9dd10732e0a5d287a38b2946260496bcb17be7319e7070e4f3a62b0	n/a	Heodo
2020-07-23	inf-20200723.docm	doc	3f733796d3615608e933be5a6880061ec7fc506529e9ca3ad7c555fe460fb388	42.62%
2020-07-23	inf-20200723.docm	doc	3f733796d3615608e933be5a6880061ec7fc506529e9ca3ad7c555fe460fb388	42.62%
2020-07-23	REP_2020_07_23_R7776.doc	doc	9a3ea141f8d72bc76545f030fe43d91476ce753bd525ed872269184599692c81	n/a	Heodo
2020-07-23	mes.doc	doc	49700dd4aae08be36bff9524c53990a3f170568a9e5e56b7148ef982d9f3bcb2	n/a
2020-07-23	REP 20200723 4806.doc	doc	f07f1ea8f243baad0226c6de69f32eabbcbad57b7a06b840428ef9298b24be1d	42.62%
2020-07-23	file_EJO43719.doc	doc	275106731a63f606b2872a59c94e63ab81c43795ae62521e8c3083d113060c01	43.33%
2020-07-23	Rep 20200723.doc	doc	509d990ab47a4077391cc0faec3f6f01b735af8594472d843b42fd58538d40fb	44.07%
2020-07-23	Dat-20200723-MEF640.rtf	doc	f90d92c5c4d8e67b7332df917d99caa81a46a3fde2e3686f43af146265bdd6b2	43.33%
2020-07-23	Mes-20200723-JWY01562.docm	doc	3479ceef59526d78569e37da10322c1230cbd27228b79fc3d57bcac836896f94	43.40%
2020-07-23	Rep.doc	doc	c0b8c4425942c9d1049245fa6d1da47652f468104c851849f60728eeda4f1c1d	42.37%
2020-07-23	MES 2020_07_23.docm	doc	1dfea81b5777c0554c227f6e584810d2cfe5a178e38133583c6e936f8405c36a	42.62%
2020-07-23	arc_2020_07_23_I85111.doc	doc	8d52990eb4b83e90b44ee30643fd95f19f9388ee75c00be6df5599390ad4e60c	43.33%
2020-07-23	ARC-20200723-9940.docm	doc	9d0012fea01df26cfc4c35de504723054fe05b21727960ff8dfa77dcb27bdc3a	43.33%
2020-07-23	MES-20200723-581.rtf	doc	1fd1cac3c782288baeb2c1b23dce8e5bbddd7d5b8ee10ee798017eddee05db3b	40.98%
2020-07-23	MES-2020_07_23-960.doc	doc	4ece67785ff57d602ca2e5c69538ef2b7118da45f20bad760bb950556ede54b6	40.98%
2020-07-23	arc_2020_07_23_FT735000.doc	doc	04f164be53df8877786862bdc212d2138e66e3d3eec4669585165b8957de5897	41.67%
2020-07-23	Mes_2020_07_23_125856.doc	doc	d3bc562e210e2b40b5ade3646ab15c5c13d1b65395b325a8a905faf73a3bf6fa	n/a
2020-07-23	rep_964.doc	doc	db63760903d7321d485e5e4de4871219bcf280aa8d10a5b45adcba8968650ab0	n/a
2020-07-23	File_Q785.doc	doc	57dfd33d9f1ac2d1ac1e989fc1f64affb20aafc1530591370203e9bd13be3e82	40.32%
2020-07-23	Doc Z78808.docm	doc	6042f1b7f7bc35380db47233f01f51564c5f1dd87e38e1c7f0af9605d557ccaf	40.32%
2020-07-23	Dat-E1721.doc	doc	33c154cefec10fc509dc5502bf3632658935229cf47994b249d2c528c0c5bbca	40.98%
2020-07-23	Rep 20200723 UO6930.rtf	doc	e881a58826ad79a56fff01bc459089e0e02bcaa8071bbf4737279a153c4c60ea	42.37%
2020-07-23	list-2020_07_23-MA873.doc	doc	12c4f7a51f3a0e32a279891ac5335593fefca0f48434247ce0054a568d7afe7b	n/a
2020-07-23	list_2020_07_23_JG321788.rtf	doc	57c701ff4952c9b4178af5689028a04b38a2db1ff57b28ad534d1b1d804ee028	40.00%
2020-07-23	mes-V409.rtf	doc	5d72371a45cf75d1eff6513b68a6b70f35b1723e1ddfdbbf6ff59c62c9770068	40.32%
2020-07-23	LIST 2020_07_23.doc	doc	72d01c86f0d425a4f2bb8b4bf5e4321c7f49cc1283bcbc074d66c366f6ffa324	40.00%
2020-07-23	Arc-2020_07_23-TNM918.doc	doc	79b3b0ed83202e34b8f1e3030face4fc7df332281b16802674bc0cd0dd27bf5a	39.34%
2020-07-22	FILE 2020_07_23 E820.rtf	doc	6b9a8492195e594bfae51fd48f35fd2ed3c614a1078a518769f44f72a234f37b	39.34%
2020-07-22	List_20200723_131683.docm	doc	e9ec8dcf35e5618cf483a8622e4660b2ad226abbe8e88df98e25db180a1f8aee	38.71%
2020-07-22	file_Y22129.docm	doc	85c9b8464b14bbfbc90c01fe540a9ba134191dd42668aebfb5c09e35b1887dc0	39.34%
2020-07-22	mes_M385226.doc	doc	8aa7ea8c9d1c9de29d54f88600c9ffc99c05fafa3017b298e03b7cbc73ddf5e7	40.98%
2020-07-22	ARC 4375.rtf	doc	abecaece2a01d6e8d9a77368929fb4d818a0b836c5fd5b075a251b7833e72116	39.34%	Heodo
2020-07-22	Dat_20200723.rtf	doc	093cc1977c0adf342635037335e8d76802041ca0b406c065ee63bb3c4b0d30aa	37.70%	Heodo
2020-07-22	doc 2020_07_23 HZV9544.docm	doc	be720b7a706eae0e4fb267e2ed1709351ae68658728bc8e55a774921eb79a81c	38.71%
2020-07-22	arc_20200723_F942594.rtf	doc	06ea16c8f47256c5551752bd00c34d5cb30e9b5ea7daa3434e35ca178ca75c2b	37.70%