URLhaus Database

You are currently viewing the URLhaus database entry for http://zhaniyasoft.ir/wp-content/esp/WSkJrEQH860bmPTC/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 539189
URL: http://zhaniyasoft.ir/wp-content/esp/WSkJrEQH860bmPTC/
URL Status: Offline
Host: zhaniyasoft.ir
Date added: 2020-09-16 23:47:03 UTC
Last online: 2020-10-07 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-16 23:48:06 UTC to abuse{at}hetzner[dot]com)
Takedown time: 20 days, 12 hours, 25 minutes Bad (down since 2020-10-07 12:13:22 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
