URLhaus Database

You are currently viewing the URLhaus database entry for https://andam88.com/izvej/https://sites/pqmwpiF2Xu/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	499308
URL:	https://andam88.com/izvej/https://sites/pqmwpiF2Xu/
URL Status:	Offline
Host:	andam88.com
Date added:	2020-09-14 16:34:16 UTC
Last online:	2020-09-15 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-09-14 16:36:40 UTC to abuse{at}choopa[dot]com)
Takedown time:	22 hours, 40 minutes (down since 2020-09-15 15:17:16 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-15	DAT 2020_09_15 B382504.doc	doc	2a4cc83ad99ad88c6b5fa1765caa6fa73556a95b7804bce90a30eb324da08b9f	25.42%	Heodo
2020-09-15	Inf 20200915.doc	doc	c047f9d1998c9fa46c601dda1322b6040cf7ec915e10c0009e787e1eba465867	26.67%	Heodo
2020-09-15	DAT-2020_09_15-7096.doc	doc	41a83d4f450961c0ff076f3368c122da8d1d5d59d51722c8988b223029a47587	25.42%	Heodo
2020-09-15	doc 20200915 EHR292789.doc	doc	92004fdfd845395f59b03e025722db7fbe54c0425e07e389df08769dc0b7a695	n/a	Heodo
2020-09-15	list J47643.doc	doc	a54a399d9a047d56f0b33e904a7da2852376ed8a5211d14e4c3e225f992ac859	22.81%	Heodo
2020-09-15	REP-20200915-Z663.doc	doc	03eba8f767391edb3306b17a1db4e48bc59f582db8f6adb1bda9ed56329f9755	24.14%	Heodo
2020-09-15	Attachments-20200915-XT5264.doc	doc	60cc7889d4bca6658e884f969b130358a8911b73a5fecaabdf207e4880aee458	n/a	Heodo
2020-09-15	0328513 2020_09_15 94201.doc	doc	738282eb7cc063af9334cbb625bf13105ed6f56a48a6bbd0d39a937500087844	22.41%	Heodo
2020-09-15	REP_2020_09_15_515805.doc	doc	d6a6ba1726014c272a4be4d8867b85739b700790d83f97c25845567b63783796	n/a	Heodo
2020-09-15	file-20200915-293.doc	doc	f821d9a95241b6f5d1bb45ba001828945417d3dc229bb05c6cb72f3bc0306c45	25.42%	Heodo
2020-09-15	Mes-2020_09_15-LT3693.doc	doc	6880d2e79190370d40b0b27d9a18e34142fab5a99a6e94aac94e5e32c8cbfe84	26.67%	Heodo
2020-09-15	Untitled_20200915_8970.doc	doc	412596dec4fa04e74c59e47719fc060637ab56ffa9ff1429ce9c9e5b109d8d29	25.00%	Heodo
2020-09-15	DAT.doc	doc	0cb05acf641f3f12f0d2f43a62786cdb1847eeafff45920ac8d2a2d155f0c12f	27.12%	Heodo
2020-09-15	dat-2020_09_15-WW02763.doc	doc	912f814cd232a1ae07b0d25556e359a64527974b26e464d85c80827d3a56264b	26.67%	Heodo
2020-09-15	Mes_20200915_2559.doc	doc	e1d474385505f5c0b0a6b005067719debb1e80091ad7e78b035c2a8652835582	27.12%	Heodo
2020-09-15	list-2020_09_15-QL832.doc	doc	6fc669fc25d476c3d7c2cf9ea003a9db92b87a070d75bf30546e5642c1437d9f	24.56%	Heodo
2020-09-15	List-2020_09_15.doc	doc	902e5816768b247deeb5d20ecffa933fbc7c1bdca49516c283b9ab39a0ba4041	24.14%	Heodo
2020-09-15	REP_2020_09_15_LJI4051.doc	doc	d022c59589a2ad650fad1bdac12c5e303dfa3fc7061019607c538bcc35222fcf	23.73%	Heodo
2020-09-15	001-20200915.doc	doc	b7372e339c51d62d859b4429089461d1add3b4122efa78eac13eeca3833df21e	n/a	Heodo
2020-09-15	FILE 2020_09_15 444.doc	doc	baa25136c70746911803ab432f2d12233f3bfef22e77d8b61e03467adf48123a	n/a	Heodo
2020-09-15	file 2109475.doc	doc	f316eecb674c54a4ec894a5a65237568bb94007f2ba66421a23ff37df4916fc6	n/a	Heodo
2020-09-15	FILE-OJ6582.doc	doc	a3384ba577af296b4baa8ce02d0b093741cb76e47914a6f2a21dc1fcaafa2ecc	n/a	Heodo
2020-09-15	LIST-20200915-7884.doc	doc	8b2013ca811304eb6da971681eb1329b0442436f50f2931ca034fb3671b63af6	23.73%	Heodo
2020-09-15	REP 631.doc	doc	117ff974263e5ba8d7be16655458ab34722982734adac8b03d62ba9c0f8b6078	24.14%	Heodo
2020-09-15	100_20200915_01790.doc	doc	477c395b9e8ff0dbc9e1be2bc00fc237cd22130edf50168630af4a01c2bfde34	n/a	Heodo
2020-09-15	FILE AGW83772.doc	doc	e93305d9e0353b2bee392690b34ff857e6888e3e7fba9e45955620ed30de57ad	23.73%	Heodo
2020-09-15	DAT-20200915-QEI853.doc	doc	6c6225685c94dc3731580b64ecab9c502b1a89defe6a0ac2c3d3ddb2726f9a65	47.46%	Heodo
2020-09-15	ARC 20200915 3036.doc	doc	43cc769c9e7ba0210e0a9c3b22707a1500245a04efb7e3d1faa76536bafba217	n/a	Heodo
2020-09-15	LIST-2020_09_15.doc	doc	cf00026bf61471406d94a2ed4f58ba5c40cd51ce11251ee4e9699e8705915253	49.12%	Heodo
2020-09-15	REP 2020_09_15 II50970.doc	doc	5af61c86d1ad6fb398e7834fac732b5ea97a00818295e8af9f427df058e64fbd	49.12%	Heodo
2020-09-15	arc 617.doc	doc	5232782344d9fb61d8b9941128433de2425b6bff52e429db30b45eef8e6c1c9b	47.37%	Heodo
2020-09-15	Dat.doc	doc	e6886185d8fca1585bdc84a753479ddfa5c91e129422a964e2510238293b5192	45.76%	Heodo
2020-09-15	REP DSG642348.doc	doc	5ce44d83a41eb185f956666c77f22aabf955616d25fac283a491f9451fe7ba52	45.76%	Heodo
2020-09-15	Arc 2020_09_15 31644.doc	doc	e203577dadb325bd364b0a6609b5aa2b4df457ba261810b3e5416950dff54c8f	45.76%	Heodo
2020-09-15	ARC-20200915-3419.doc	doc	351db71f7f86ca34a34d77dd20dad996d2edb06567520169f89c2172a487af18	n/a	Heodo
2020-09-15	arc_2020_09_15_36851.doc	doc	6284608a75bd2f21cce00c2c3453353c83b146947f173dc53013c0919178a4c7	46.55%	Heodo
2020-09-15	Inf_20200915_L85988.doc	doc	f15af8515126fa73c26c783a07b7b8102603af53319a2148b073ceefed8de267	46.55%	Heodo
2020-09-15	mes 20200915 GK8701.doc	doc	8656695ef3e73212f1da1f7c552c57c9f43e5b9e46fe1f3aec227b1700baf555	45.76%	Heodo
2020-09-15	doc_20200915_67915.doc	doc	ced3e5fdf4b4632f136fe21e7a32deedb1bada34b697b4daf4fecc7063ab961b	44.07%	Heodo
2020-09-15	file 20200915 MAR314.doc	doc	f17e30fcbb606a053ce0672cdff6f8b3402fb01346e7753abfd3add6f6fdfca4	42.37%	Heodo
2020-09-15	list 7802656.doc	doc	a5fe34f4f59c550793d6e628deeb7b0e77273be63dd3d68f950edcbbb2cc0d5c	43.33%	Heodo
2020-09-15	rep 61249.doc	doc	3d3ce21eb20a5c3ea022e9f6e9fd3a339ed2c4cb22c26bbc83e88d0cf7ab6cee	40.68%	Heodo
2020-09-15	Inf-2020_09_15-72029.doc	doc	2bced1a8302d817af06cc07010a27345146769b3d9ad0e86d246ca93e4dc8e69	38.98%	Heodo
2020-09-15	Mes.doc	doc	9ce006bb0e752354b2374803060115dedb3f8239567d4bfa6a2a027a74bd9b9b	38.98%	Heodo
2020-09-15	dat_20200915_AEV4089.doc	doc	d36e581bed8944aef6af541b9190cd831cce7bca80d03de8a2017b9614bf0bd0	38.98%	Heodo
2020-09-15	doc 20200915 6708.doc	doc	ca62501fd8a132340a63f97e4547ee1384a7744ab8c7e1afe4e69a008b2c3602	n/a	Heodo
2020-09-15	doc 2020_09_15.doc	doc	86fe6a2de23f84e3e8c7f33155c293f7eda6517b7f0fd88c47b4430fc98fd431	38.98%	Heodo
2020-09-15	MES-20200915-03361.doc	doc	c247ddf966fd2c2df2ffec2956e4798990741e8b0f7d121639bdd06fa98053de	n/a	Heodo
2020-09-14	ARC C4768.doc	doc	8fde50ac02ec113d4f245e1d02838e3c6b77fb272db5b21eca5afe012f663f8d	39.66%	Heodo
2020-09-14	Attachment-2020_09_15-175371.doc	doc	a37f74acd4e0dae148467f7004339fc3ddd54e34eb6bb7c3dca20a13edd09b41	n/a	Heodo
2020-09-14	Arc GW236201.doc	doc	353654c4a8d65e5878b00c7943ee5d2e19e6438c31bd949ad16452496ca627e0	37.93%	Heodo
2020-09-14	file_TN144.doc	doc	659eee918658caf613efe868209fc51ff054b39f70d699c5474e5f6ad4684d76	37.29%	Heodo
2020-09-14	Mes 2020_09_15 0679.doc	doc	b842862b97e1bb3bf480e0edfa445124eb165f8b8c6208cdc3b40a25acd5c103	33.90%	Heodo
2020-09-14	List-20200915-226422.doc	doc	a3a4f5d06a54aa6e83e1cbb72c3f5d88950eb21fbf597d45bfb817fad8282f4b	32.20%	Heodo
2020-09-14	UNTITLED_20200915_1932164.doc	doc	a0fbbf6d90db762b113e5a37d79d574800eecd5ee6ae058b260917eaa521d62b	n/a	Heodo
2020-09-14	inf_20200915_83434.doc	doc	ee5bd3d048be89cda7b21ccc887b9a31bd338b0d97a8d34569b26619d759b3b7	27.59%	Heodo
2020-09-14	dat-F1091.doc	doc	35999c8f653e6bbd10bf305fb984cc3497ffdf8b26af7b53f83dbf7e385f737f	n/a	Heodo
2020-09-14	file_LU75887.doc	doc	6c58e04ac46f5f16a638f4f54998b9f162745897f0f79940736c2b572235a2d5	25.42%	Heodo
2020-09-14	5372 20200914 SA1141.doc	doc	06548426e927d2d19596c75a58b3dcd9cb31e0fe1090b0b24fa7d01870db5683	25.42%	Heodo
2020-09-14	list PIF038952.doc	doc	6d05fd0835601d3f58f7c6d342cd98e5fe3a9f4a1c2ccbc91fa80fb44c61eec9	24.56%	Heodo
2020-09-14	List 20200914 FY559.doc	doc	fe0adfcbe96e41a03d65dd47514b5db3b216690ca8d3c1680a913e6927e27195	25.42%	Heodo
2020-09-14	DAT 20200914 1972.doc	doc	f15c1fb0ec48fcd1c8071b42da76037089d88aadb78c7fcd64ce6fa845c0e765	25.42%	Heodo
2020-09-14	UNTITLED-2020_09_14-8831968.doc	doc	c04d53318d6727682e77638d17a7d9563f9040c46a9a426576349dba7acec4dd	25.42%	Heodo
2020-09-14	MES TVA87668.doc	doc	de5ff2a86b9b97821a627ee23d91fecfc32dcb3d5db129604ca5c47f4feb102b	n/a	Heodo
2020-09-14	448961-20200914-14438.doc	doc	5171e0e602e27c4122239e9c7833c603beebb69bea148c5d29341990af469f55	25.86%	Heodo
2020-09-14	772XIC 2020_09_14.doc	doc	9071af554116b7e5e92cbd63922f2d577d1fd912ed4fd121ab0762aa8b2dd589	24.56%	Heodo
2020-09-14	File-20200914-303449.doc	doc	04c3ce2f282ed4ed9c831c5caff0edc29324dbd2eb39817fc6ed53683c5e0933	n/a	Heodo
2020-09-14	Doc_P0840.doc	doc	30c24452fe4cbae0d507fcd57055a6172174abbb6ecdec68304f244d67a152aa	n/a	Heodo
2020-09-14	Mes-DI24811.doc	doc	1b861fc89bf8e49013023f4458519f13803bfabb2b4eff3e63cb209f31406192	21.43%	Heodo
2020-09-14	list 742790.doc	doc	63ab439cb5788c279996c35d7e41341081f97dadb4b255653cb11194a9368465	20.34%	Heodo
2020-09-14	154_20200914_1275049.doc	doc	c0d7a02d33e12631b692222d46bf3ea21a3a4e6c0964e5508bdb25148af88689	20.34%	Worm.Ramnit
2020-09-14	File_2020_09_14_2257466.doc	doc	3dc5285bec0496d0a4993cc2a0d80e534010b345115320b8b96343b8ab9b10e3	20.34%	Heodo
2020-09-14	inf_852580.doc	doc	85b941aa2dfcdb8316fad92e43fdb207d52a3f4429b7bc59134fa759931284c8	20.69%	Heodo
2020-09-14	ARC.doc	doc	badc0629a46cda79757842da527965473e157005d05fe710070410d1128da0e5	n/a	Heodo