URLhaus Database

You are currently viewing the URLhaus database entry for http://ananastour.com.ua/wp-content/FILE/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 434561
URL: http://ananastour.com.ua/wp-content/FILE/
URL Status: Offline
Host: ananastour.com.ua
Date added: 2020-08-17 11:41:06 UTC
Last online: 2020-08-26 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-08-17 11:42:02 UTC to network{at}abuse[dot]team)
Takedown time: 8 days, 20 hours, 31 minutes (Bad; down since 2020-08-26 08:13:18 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
