URLhaus Database

You are currently viewing the URLhaus database entry for http://azaanfoundation.com/cgi-bin/paclm/cr0pss/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 607594
URL: http://azaanfoundation.com/cgi-bin/paclm/cr0pss/
URL Status: Offline
Host: azaanfoundation.com
Date added: 2020-09-23 22:57:06 UTC
Last online: 2020-10-05 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU002959340 created on 2020-09-23 22:58:06 UTC)
Takedown time: 11 days, 16 hours, 41 minutes, Bad (down since 2020-10-05 15:39:24 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
