URLhaus Database

You are currently viewing the URLhaus database entry for http://almaart.ir/wp-content/swift/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:728225
URL: http://almaart.ir/wp-content/swift/
URL Status:Offline
Host: almaart.ir
Date added:2020-10-21 08:43:03 UTC
Last online:2020-11-16 23:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: zbetcheckin
Abuse complaint sent (?): Yes (2020-10-21 08:44:07 UTC to abuse{at}hetzner[dot]com)
Takedown time:26 days, 14 hours, 37 minutes Bad (down since 2020-11-16 23:21:30 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-228MJDXZ1F38O76J.docdoc 838408d31e494e72b257feeec73407a2f778e6ecc47754ae16af0290515dc9fdn/aHeodo
2020-10-22LRZ_100120_KQE_102220.docdoc 238792d4ba0b88404023737e62f4d3768816f979249a65ede0d4ef2cd227f9ban/aHeodo
2020-10-22BAL_GX2567603349ZN.docdoc dc0ef0bf48199eb407cb13b8506149dd5ecb392ee2682edc318b58f5d1dac769Virustotal results 43.33%Heodo
2020-10-2231411060.docdoc 7b692333b18e3df34f52be035c850f4a84d4550477e4d61fd9a3ea999f1004ebVirustotal results 42.62%Heodo
2020-10-22W_C5UZ6FH1COWIB8F.docdoc c9eac6b72f9a7b1750b750639e977312f982799bf1e82ba3c19a8f3c1be46f7bVirustotal results 41.94%Heodo
2020-10-22REP_LC1037558672SO.docdoc 001639b7cc59c0a2584aa6a318a5f5b65adab079e516f81c1053efbd1feac7ccn/aHeodo
2020-10-22QYNTZGR.docdoc c86a957c2fb4eff5d3732be35d7fbd4e05bfd4260dd043df35d27cd6421452dcVirustotal results 41.94%Heodo
2020-10-22BAL_312378122.docdoc c4d6c72ac1f2925c2af592fd65e1bbdfd5327d959321403faf797ec85d658a6fn/aHeodo
2020-10-22INV_UFE_100120_RGZ_102220.docdoc 0b9036fd0fb6b0170883b15323d34e278388c2ee3e9639f5341c44b7cc9f3403Virustotal results 38.89%Heodo
2020-10-2297229301.docdoc cda2a4d05c53cff76ef32a29480efec51818dc2f26b02999980a33f1051d732bVirustotal results 40.32%Heodo
2020-10-2265177968.docdoc eb5559bf1fedae620572950c55a896bf8fcd9a7e7eecf48dae9b468c9f79043fVirustotal results 38.89%Heodo
2020-10-22FILE_093699124445999357865190.docdoc 1b36e24bc21e77ea0265e4ace63c3a01d81857c004778ef463016dcf700eef5bVirustotal results 39.29%Heodo
2020-10-22DOC_807934010851176521450.docdoc a6540f229c21ccaf245ddbce5fea77f216483b5dbd6ca26ed2fa92997426d6bcVirustotal results 41.67%Heodo
2020-10-2292081419.docdoc 27a2f3fc365f4d0624325a33456e529aa149ccc2488338c41ebe8971c1bead0aVirustotal results 57.41%Heodo
2020-10-22I_FJ8J9GV.docdoc 2e45410e293f870df9a2729fd8d3e0aabac8b6aa79365b502a849f90ccb67b67Virustotal results 45.16%Heodo
2020-10-2229460407.docdoc 8a2460eefaab1e7c970a1836dfc66aacd55610790f20f1074e9b30d4eeb71890Virustotal results 48.28%Heodo
2020-10-22FILE_IKX_100120_HVU_102220.docdoc 23433b6ffc030c13d0f346dfb92144b3b2e92a4b5ae3c6e1d4d16e7a3e8ce48bVirustotal results 46.67%Heodo
2020-10-2268456445.docdoc 220e3645890122715ff1e995b86a7d014cfce7e53b2576e862d9c686c7fcf553Virustotal results 46.77%Heodo
2020-10-22DOC_7680364581709007798.docdoc ae5168eab14a38621615d44a35ff6af0052fabf8af421ef2c66f783169b808e8Virustotal results 45.76%Heodo
2020-10-22DOC_64422881.docdoc 7eaf0df9dd2a33ee958384a9472366f58f1c0a204360efea6a7f8b0d298560d0Virustotal results 44.23%Heodo
2020-10-2226538897.docdoc 6bc2d7d48d9f0085333ac13895043ae58da0bf60848ae38c3733a470ab313643Virustotal results 45.16%Heodo
2020-10-22XH5782415212ZY.docdoc 4224abe48af46cd9b10241d21624b0705482576c13400089ddc0e0b9f9ca0714Virustotal results 45.16%Heodo
2020-10-22FILE_25628586.docdoc fc523dab17f69be0ab6b14d0c02e81b083dd380e76e40267fbd6b1a56128c6ccVirustotal results 45.16%Heodo
2020-10-22BAL_34093158.docdoc f97779f33418db6073bc8513c4f3a2e489d37785d0c05f446aacb1a564900e77Virustotal results 45.16%Heodo
2020-10-22BAL_24733051594363.docdoc 4f927bd188b87a47398f9e9fe9bc9d4ba4d56d813e1c3183c1b5818a82696076n/aHeodo
2020-10-22REP_PO_10222020EX.docdoc e342a83dbf0571e76314698c335781b854f2aa0069942dfe0163c3936b71fc63Virustotal results 44.07%Heodo
2020-10-22PSD_PO_10222020EX.docdoc 0962178a6edd34473ee5ac0f0dcd4ebd1ab30286664db2bbe2782ddbc4f7477dn/aHeodo
2020-10-22D_LDW_100120_KJM_102220.docdoc a831fd83cedec11f7394898f70d92d520fbdf5e562fc5299cf83e36ebacd3ffcn/aHeodo
2020-10-22K_0524867823137.docdoc 7ed5bd3871a470e5241772056e455c8274e3c5408f094d038a37c37eb251b4c5n/aHeodo
2020-10-22364928495166082895608.docdoc ed5ed9c256dc24f5aeffc1b9b0e7dba316c5c13a1966b7243770318805567ec9n/aHeodo
2020-10-22ZS_JYC_100120_ZXF_102220.docdoc 922e702ad2045c14b3adf3b4718aaa0fcbe669f9bde3ba42e4fd05404c78747cn/aHeodo
2020-10-22TR7597640566DY.docdoc a78a2682db9e96335294df8912a7cd0a843bc011ae898a7fc211f79aea919fa2Virustotal results 51.61%Heodo
2020-10-22REP_LD0031337544RP.docdoc f00791295a21f7fea2b5a3fc6f14be08b6182388080f8e0666bc87ef8201a362Virustotal results 50.00%Heodo
2020-10-22659812420046759.docdoc da03a9b55b6989c3afc8a859785e254418322eb601e9fcf2ce58da55d9bc7d0bVirustotal results 49.06%Heodo
2020-10-22REP_61182358.docdoc ef3eda0a0ce827c44632df7b430f082bf54965ce02293734e942776bbfd2b1fcn/aHeodo
2020-10-22FILE_1HDZZ485.docdoc 486ec0b6be1825886bf09579218543b12ad5ee75da313f4aefe0f9ad0b027f89Virustotal results 48.00%Heodo
2020-10-22DOC_IE2406141700PR.docdoc 775be0a86b7a5d27adf04eb982cbd8f223f06ae88dc5f6a33a26774d707f7bcbVirustotal results 48.21%Heodo
2020-10-22H_5249301168.docdoc ff7bc571e097d09b02234d6bef98da4468da5c7dfc197e2cb20f1a00eb85f61eVirustotal results 45.90%Heodo
2020-10-22C_778338169419492730575321.docdoc 2622c411514e2ebeb404ff72a11abb8b36da194d0f09dcc95869802a01cf4a20Virustotal results 45.76%Heodo
2020-10-22LMI_PO_10222020EX.docdoc 9fe7e239b00579f78275ddcdb282bf2b112dad4d3a0bbc7f183e800244486bb9Virustotal results 48.00%Heodo
2020-10-22INV_PO_10222020EX.docdoc a1430eef6f6acc51cfc4215bd06407ebfc4f5ac126d9f05c27b3cf359dbb816eVirustotal results 46.55%Heodo
2020-10-22NGX_100120_VFB_102220.docdoc 0b25fca35bd60d2257616a1c1adbf89fefba07969c5a0fc3aa22d3f43ad7c2f4Virustotal results 45.00%Heodo
2020-10-22DOC_LDI_100120_ZBX_102220.docdoc 2ea760060d8e71ffce91d15fe31085ec999ed299d9d13e35dcd0544f8d361b59Virustotal results 43.55%Heodo
2020-10-2220712916.docdoc 9e346d2d5fb28544f1e3ef2c3219b91524626f60f602d04c87ae335086e6da44Virustotal results 41.82%Heodo
2020-10-22BAL_71522112.docdoc 2da1ed7b630f4a606c6c65a41dc9c852015d64174113023eff5a63c64f5eac0dVirustotal results 40.68%Heodo
2020-10-2133870239.docdoc 0ff220d90538db68f12796da43439ff4b8cfa6fe238bf19c8da81c8463f2c4ebVirustotal results 40.00%Heodo
2020-10-21E_PO_10212020EX.docdoc 890535144da2084ee8e9431e6521be9719100cc5bec7679a4d7bdce3763a692cVirustotal results 41.51%Heodo
2020-10-21KT_PO_10212020EX.docdoc b730b36a22a6d6da4bf394e59e3bdb0a0bc32a3adc8fea6f568a58b926a7fdc4n/aHeodo
2020-10-21PO_10212020EX.docdoc 00121862d5519145af1bd9333cebd569ac5843527b581dedcb4505cbd9488c0cVirustotal results 39.62%Heodo
2020-10-21W_CON_100120_VWT_102120.docdoc 45624f05bc4fd26e7a1d0263d25d177e1296ffbc6c459542f3e64709f517f1ddVirustotal results 40.74%Heodo
2020-10-21A5OCZ38DZOY4.docdoc 9ccbbb119271b882bcd53559aa7e60487f0a7ce757b9b4fb1b51b691142dd35eVirustotal results 39.62%Heodo
2020-10-21W_83473334839.docdoc 7acda67964abfefe6dfc1755e75b418e82bae70cd18d73fb0686b0c1910a6320Virustotal results 33.90%Heodo
2020-10-21FILE_224139683641547287688.docdoc 3540a44b54c0f969644d36919294d3a1fefe6bca8742cad1468c56c0c04656ccVirustotal results 30.00%Heodo
2020-10-21N_FQJ_100120_ZWR_102120.docdoc 5633dcdd6cb771b75b85211ece3df0d9190a2e7c2c0b24ebe6a33b8584b8470cn/aHeodo
2020-10-21S_36976156.docdoc 531d1d064f737970146db0b913689fea7de8eaa7553297f5a3691ca633da5380n/aHeodo
2020-10-21FILE_PO_10212020EX.docdoc 638d2c28c891f1eb997a450dbdc2f6f1a83b000d7b617d3000cf2b937275de99Virustotal results 21.67%Heodo
2020-10-21QOO_100120_OPB_102120.docdoc d2a68a5159ea637fa9428d39a0d9469c6c2db0b16b2de2593070c17a0ad49520n/aHeodo
2020-10-21DOC_2AFWGY0ONMNY20.docdoc fddd48d21efdc1d86734b611c1183bfe17b584b835bdb85655c3f9b17cf3e8afn/aHeodo
2020-10-21BAL_48405200212.docdoc 8afe1388f2757e768a8714f2f6543de0464e092f33de3b865b11fa6fcdf38cbfVirustotal results 30.00%Heodo
2020-10-21BAL_GOE_100120_EJO_102120.docdoc 52caf1a070aa97f41dee32688e691efd22f50efe87a8f77d4a36a28281c19136Virustotal results 30.65%Heodo
2020-10-21WS9956843056QH.docdoc fc956fdcb712699a094490c10177653c5df72d2913d775aeb75d9c676f04e31bn/aHeodo
2020-10-21FJ2503454632EF.docdoc ce72abdb386adab53d71d068388c21107144e7d9c1acfa2f898d0ce6d7b2acefn/aHeodo
2020-10-21BAL_C3QNW6D.docdoc 7fd4239f8f25bb0287746f554cbdffc534ced3346467f2a882722772a9d44d34n/aHeodo
2020-10-21DOC_B6M2R21LQMZ.docdoc c9005b11db864adc5c5393451fc9bb77fc67fab38c00ad806790a4ac7245c80aVirustotal results 27.42%Heodo
2020-10-21DOC_JDP_100120_JKD_102120.docdoc 5e140e968dc7d972b9799ab18a96cc056bf78fe1d5340c72ba9bd4486ed71d60Virustotal results 32.08%Heodo
2020-10-21BAL_PO_10212020EX.docdoc 552e98ed18af24b89d6cd937f335ee85312e919ad186a6e0d1bb5839fdc96167n/aHeodo
2020-10-21FILE_NI7081439131HV.docdoc 58c9ea112ea67d4311a63c0cf87b4a97745c1e0f28e1a8a013047349d7d5bae4n/aHeodo
2020-10-21MJO8OPRR4DVI7G0F.docdoc 1865098fcd518717e48cae856ca1cb02c85a12a37eac4934fe3ec1a7ac2040acVirustotal results 30.77%Heodo
2020-10-21LF9AAB7VX.docdoc 71c25e3712abdd3d405b0a43f2819fb51d16dd9bf3c5fd5c9ecd04b028240533Virustotal results 47.54%Heodo