URLhaus Database

You are currently viewing the URLhaus database entry for http://zagros-shahrekord.ir/condiddle/NTOH9EGOPCFDQX/Gb2FWC0z2wrMKSwY/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 698746
URL: http://zagros-shahrekord.ir/condiddle/NTOH9EGOPCFDQX/Gb2FWC0z2wrMKSwY/
URL Status: Offline
Host: zagros-shahrekord.ir
Date added: 2020-10-15 22:55:15 UTC
Last online: 2020-11-07 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-15 22:56:09 UTC to abuse{at}radcom[dot]co)
Takedown time: 22 days, 11 hours, 3 minutes (rated: Bad; down since 2020-11-07 09:59:32 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
