URLhaus Database

You are currently viewing the URLhaus database entry for http://adv-garant.ru/cgi-bin/https:/Overview/Ed2cmEiUnnd6Hd/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	452809
URL:	http://adv-garant.ru/cgi-bin/https:/Overview/Ed2cmEiUnnd6Hd/
URL Status:	Offline
Host:	adv-garant.ru
Date added:	2020-09-03 21:41:07 UTC
Last online:	2020-09-04 06:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-03 21:42:15 UTC to support{at}mizapro[dot]com)
Takedown time:	8 hours, 30 minutes (down since 2020-09-04 06:13:00 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-04	dat_20200904_581049.doc	doc	03cb9a738ad3ba7f5744d092532b2e578e9ade9b376af945fca5faf115b06c4b	n/a	Heodo
2020-09-04	Untitled-20200904-014399.doc	doc	a7f7db7e743de3993fe73005b54d739c61d8b922446cf434ecedcca82c63e922	40.00%	Heodo
2020-09-04	ARC-3556.doc	doc	05558fbc6250f15d45880b5ebfb3798d415fad3e982b503fd6b61e658d902aae	40.68%	Heodo
2020-09-04	mes_968.doc	doc	b928a4ea1aae65b1c3ee2634f0d4d3bba7d8f0d7bd647c3befb30ba0f8b6a1ab	40.68%	Heodo
2020-09-04	REP RN35102.doc	doc	6c3530951ad2bde0a96b5bda4698fb3638e360f5176d3f6aa4f9ea0570a3f45d	40.00%	Heodo
2020-09-04	363_20200904_7303603.doc	doc	f1d06faa66ff49136e73546caaa462dec1fc01c209288126d019c0c688f6f5d9	40.68%	Heodo
2020-09-04	dat-20200904-YQ560.doc	doc	886d63b614006458acc2c30f3864476e896c318a90248243fabf63f0e992f712	n/a	Heodo
2020-09-04	Dat-20200904.doc	doc	6333175d3560cf42c1b0b3631cfe1302ce937aa2b85c3ecc3407cfde4c9cf37a	40.00%	Heodo
2020-09-04	Inf 2020_09_04 IFO315323.doc	doc	90d7013803edb798ee2da7fcf3de07420ccd536dd01c96d0c787a80c0923f08d	40.00%	Heodo
2020-09-04	Untitled-2020_09_04-2378.doc	doc	113f271d566b508aed976158e057211703fe30c314960665466fe58d9e08e50b	40.00%	Heodo
2020-09-04	Rep 2020_09_04 LXH17664.doc	doc	cbf75dba4c6b4f8cbcfb647112f9a0a4f8efb293526aea73ffebcd800379e08f	40.00%	Heodo
2020-09-04	Arc-17664.doc	doc	595e8a24f2e5e51e56138296f7c6cd58e709e8f532dbacc38ae66f462e0e071d	40.68%	Heodo
2020-09-04	Attachment 20200904 I297291.doc	doc	f9cb536060fce2bb170aa95f67947db48d9b7e43e2095dad2337eda509017040	40.00%	Heodo
2020-09-04	LIST 2020_09_04 VI207979.doc	doc	9cf29b7fcce905e807fd1e4493af36f7f0e8618912601f1a85cf52af6d38d6b8	40.00%	Heodo
2020-09-04	REP-2020_09_04-156882.doc	doc	eaab7e71c3da44a79d28d2bef0582eeadb430df7d20febba2eed46323d6dd3ee	40.00%	Heodo
2020-09-04	MES 8235784.doc	doc	6300e903bf3720bb91e4db31ad186d98f0b8307f0abd3b785145f72f0a89edef	40.00%	Heodo
2020-09-04	REP-20200904-B5041.doc	doc	ee7586771fa02df0ef18b9f88c3bb45135371e5f7a16f6304b1b500a99a0ca6e	40.98%	Heodo
2020-09-04	dat 9331.doc	doc	0bed9ceb6c02ac01c38804705e397d72379abfba81c416c2deca29e08e32bd54	40.00%	Heodo
2020-09-04	arc_20200904_825053.doc	doc	69e91274a22bb98b54013be9509ad757c17fd9ab44d80c5a8585ec639ea6f04b	40.68%	Heodo
2020-09-04	inf 2020_09_04 3206.doc	doc	d6da8adc7df4680bdfe56aded8385d20e63b8af6ac83ff2abdccf2910232809b	40.00%	Heodo
2020-09-04	HZ873 20200904 425907.doc	doc	945f9c6c84eff86e098fcb02268e716fb80f5c6fa8a5e64e08175a306d3c0a2b	40.68%	Heodo
2020-09-04	Attachments.doc	doc	39f12f314a1431044af9b7061ac6b7b2d68e29927ba8650ecfd4a5a41337922c	36.67%	Heodo
2020-09-03	File_8087.doc	doc	5b1c5637bea570eeef52ff79044a41de92de4e33ddffcde3b3611bee6fc8e5b1	36.67%	Heodo
2020-09-03	U991-KG07952.doc	doc	d313ce8483aa86f33b4fb8f8eaf32cc9162fea1ecd980baf5fb9ae5ba1e2024c	33.33%	Heodo
2020-09-03	doc_20200904.doc	doc	9e3d362ff8dc1daec89813f11f73bac91ac2ee3f97f803fd413522874432ebb4	32.79%	Heodo
2020-09-03	Attachment 20200904 BM827067.doc	doc	bf1b9f0a76233f9cc5983b3b48fad1f4edff9c94e363dbab7f91cb8050ab315f	n/a	Heodo
2020-09-03	MES 20200904 BWQ014241.doc	doc	10d9f95cbaae87c8e1ee5a2d4ed21022d9a419859eb29f5cb055497a345006a1	30.00%	Heodo
2020-09-03	inf 553.doc	doc	eb96e6409fa3b1e2510201d45d3a629be387c1d50ca84645b13d0614702d7c62	29.82%	Heodo
2020-09-03	rep-O0061.doc	doc	184ba331ed727480fd65743bfe0cf1489eca3b4d49b68a31b970ee96288c9484	30.00%	Heodo
2020-09-03	File 2020_09_04 QFH20219.doc	doc	657e6e8ae1d0a5dd81e22e4c5966596510d091f0621e520d9f85c46ddad6f3b2	30.51%	Heodo
2020-09-03	Rep-20200904-247.doc	doc	eff6ba195fc7d083d41cc3c5d0bf90588ba4de22599bc9adeb053e04f0f4d55c	30.51%	Heodo