URLhaus Database

You are currently viewing the URLhaus database entry for https://mashhadkabinet.ir/wp-admin/attachments/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	725706
URL:	https://mashhadkabinet.ir/wp-admin/attachments/
URL Status:	Offline
Host:	mashhadkabinet.ir
Date added:	2020-10-20 21:46:08 UTC
Last online:	2020-10-21 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-20 21:48:05 UTC to abuse{at}hetzner[dot]com)
Takedown time:	20 hours, 23 minutes (down since 2020-10-21 18:11:08 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-21	GDT_CCT_100120_ZYB_102120.doc	doc	202d0af84b5b68cf2a54ce8f9afa3befc8f994b934e380cbc1dab9dfdbd11bcc	30.65%	Heodo
2020-10-21	2IOAAOFR.doc	doc	29cb3ec3beb6ca2f741754847b581ceff558616ae86bd67e8487abced4417160	n/a	Heodo
2020-10-21	DOC_CRJ_100120_MSS_102120.doc	doc	7949b4d0968d00fc2389b53de17b02be73ad571b4c985f95e0105cd6b39bbc33	26.23%	Heodo
2020-10-21	X_10035426.doc	doc	f168ef97aa8cb399a6f327fb6a301f7ae5e115c7ed1ad5c8b59819663bebd7e2	n/a	Heodo
2020-10-21	H_41673716.doc	doc	35888d0adafd3483ecb0eb4ed74e6d662c462fb957261c83b02f6b21c48731eb	22.03%	Heodo
2020-10-21	RFT_100120_GOO_102120.doc	doc	27a0f68aaff44c4e5adb18dd89c4cb3b92fa305b84cd9bdfd76c9a5d8dbf58f1	24.53%	Heodo
2020-10-21	WJ9822087656FU.doc	doc	abd94a7b58ada746b22d9d6a4ef2b3847deda4d5569325459951c0c7f3b2a355	33.96%	Heodo
2020-10-21	KOEK_PO_10212020EX.doc	doc	cdf08877df82aef07518f10414f3dc1ec0bca6a662ee6191b7c76105bb51a0b1	31.15%	Heodo
2020-10-21	DOC_VH5621479478FO.doc	doc	fc956fdcb712699a094490c10177653c5df72d2913d775aeb75d9c676f04e31b	n/a	Heodo
2020-10-21	C_MQV_100120_KRS_102120.doc	doc	f762fa2e19b39567f9550fec095e6bf1f7655fee2bfa11190f293736f74f57b5	n/a	Heodo
2020-10-21	27726731.doc	doc	e5775f86f29169ccf949e3eaab8795640598966ef0b75b159805360e853182d3	29.03%	Heodo
2020-10-21	REP_55001133.doc	doc	f93730c27fbb9a6c6cc64e5f4d9127854a0c11d165e699569dd0828ebee3ec4b	n/a	Heodo
2020-10-21	BAL_CYS_100120_XPV_102120.doc	doc	4a8ef7b61c8dea7745464f96999dcc37abec856e23e55bc6eaa7ef374a6c1878	32.08%	Heodo
2020-10-21	FILE_031900540.doc	doc	ca0fddb21291a2fc5f13391576cdc877b2748934257b1294142481e3a734cd47	n/a	Heodo
2020-10-21	KA9154444042VI.doc	doc	a3b816362471dd5502a7f46f5dc0bdab4ecfff681f06c9aab0d9e227ec535fae	n/a	Heodo
2020-10-21	SRYO_MA8GOLEVH20AM8.doc	doc	a2ff9d64e27e7cf089d0bfa4d9bae935db0cc9881bf6767dd311ccf653fe64b6	n/a	Heodo
2020-10-21	FILE_G5BP5WUGYM.doc	doc	442199396365c09418756cb80ff20ce46129c4a0cc2cfc6dabf5e8bb2cc42437	n/a	Heodo
2020-10-21	A_DYZ_100120_ZEX_102120.doc	doc	28d5bdccce4b904f522a8aeda9f16fd87ea3831634ef34c5a660e3ae21a0229f	50.82%	Heodo
2020-10-21	INV_90995364158770233.doc	doc	44ba6008506a7673feb84fe893ea958153dae8b82def146db7f497d3537bfbce	50.00%	Heodo
2020-10-21	INV_DK9162036283AV.doc	doc	3f28d23c6650e22fa69d824efc5153fd46fecbbdbd236ae7b4ee15bae4ef556d	49.06%	Heodo
2020-10-21	FILE_CP2602213082EE.doc	doc	70a369ce3943f743ffc7740c3c003a5f00705abf0505641d7d193d5cf79b8dc5	50.00%	Heodo
2020-10-21	BFK_100120_XCK_102120.doc	doc	e564dc4f4b2a32c2781479babdb648f9236aabef71d80dcc74011f449a873c7a	49.06%	Heodo
2020-10-21	DOC_UX4W2HJ082KXURZ.doc	doc	39a7385578321db9d477ff19e7087b03d3c57076ceca16fc2af049c087f72343	38.98%	Heodo
2020-10-21	FMFX_ITD_100120_OHJ_102120.doc	doc	4d674a6143e1a896967213d335f2d95bdcee16aa83b718071ad004c674e458c5	48.33%	Heodo
2020-10-21	INV_TKH_100120_DHW_102120.doc	doc	db6c107a7034688cf9fd3a069d7941ee4b8f606b102e3cb24e1dcab621a87304	n/a	Heodo
2020-10-21	INV_19062704904410350.doc	doc	fe1e5c66a4990cc515e5925db68def9f29f1893d9c6d3fa6b47e05f5c5f618dd	46.55%	Heodo
2020-10-21	13234009.doc	doc	d755c5281821fb9a1af024b9c6bd977a7da4c3aabe8999703525ece1767fdd13	50.00%	Heodo
2020-10-21	KE292M9.doc	doc	d0337f9e3f826764678ff11fd7e2b49a84db21bd33615cd0cc63e6654c502d9a	46.55%	Heodo
2020-10-21	H_WL6693821918GA.doc	doc	a6bddd637e4236272a008fab76c75939a56c92161692387612bde0123e8b26e1	n/a	Heodo
2020-10-21	SBX_100120_LMI_102120.doc	doc	8ea38c51f8926ffa9ee61be53fc7ee3e4f968f2c7683bbc3b9320d14a2443067	42.31%	Heodo
2020-10-21	RB5249977793SJ.doc	doc	614bbd10017422522d46a734ed08de066834e449d5802b036b0231a39b0c043c	49.06%	Heodo
2020-10-21	BAL_H28VLWBEVAF662.doc	doc	8db61b871aac2949105b26c1ca2a22579e3b3d6e99aab20279c3bbea5dc87b8b	43.55%	Heodo
2020-10-21	W_69944653.doc	doc	2465db836fb8ce33c72ba9c55528a00a290b770a2bb977ecaed539b453c1211b	40.38%	Heodo
2020-10-21	UO_JSO_100120_MIE_102120.doc	doc	7b59e4314d2b1bbefd045815d54be5bd19315bcd13e3de6816a36bfd0930e032	39.62%	Heodo
2020-10-21	REP_NZU_100120_GGF_102120.doc	doc	e3b58bc04eecbb1fb55ace8390236594852afd2f07faf2b8bb7c84dec2fb1da1	n/a	Heodo
2020-10-21	BAL_CHV_100120_UGI_102120.doc	doc	cd0c0ee5979ebfa7ed73a40ee1f879f2b65cc57ed38619fc4f7e186c15e54128	38.89%	Heodo
2020-10-20	FILE_49351708.doc	doc	a65e7b5a4d99582f1ec1c608eea4d21fd29d1c23bed2b8dd8ec8062f23d90e40	39.34%	Heodo
2020-10-20	D_69093365.doc	doc	8cadf5fc31643a1acc9b991d110e039e7e0520e94783c61d9caf5ccb2481915e	44.64%	Heodo