URLhaus Database

You are currently viewing the URLhaus database entry for https://andam88.com/izvej/https:/sites/pqmwpiF2Xu/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 501251
URL: https://andam88.com/izvej/https:/sites/pqmwpiF2Xu/
URL Status: Offline
Host: andam88.com
Date added: 2020-09-14 18:50:07 UTC
Last online: 2020-09-15 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-14 18:53:07 UTC to abuse{at}choopa[dot]com)
Takedown time: 20 hours, 26 minutes (Good; down since 2020-09-15 15:19:47 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
