URLhaus Database

You are currently viewing the URLhaus database entry for http://adv-garant.ru/cgi-bin/https://Overview/Ed2cmEiUnnd6Hd/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 452600
URL: http://adv-garant.ru/cgi-bin/https://Overview/Ed2cmEiUnnd6Hd/
URL Status: Offline
Host: adv-garant.ru
Date added: 2020-09-03 17:27:04 UTC
Last online: 2020-09-04 06:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-03 17:28:02 UTC to support{at}mizapro[dot]com)
Takedown time: 12 hours, 50 minutes, Good (down since 2020-09-04 06:18:38 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
