URLhaus Database

You are currently viewing the URLhaus database entry for http://ashkansafaei.com/dup-installer/esp/KwdoQJJRr4wagnf/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 728776
URL: http://ashkansafaei.com/dup-installer/esp/KwdoQJJRr4wagnf/
URL Status: Offline
Host: ashkansafaei.com
Date added: 2020-10-21 10:46:07 UTC
Last online: 2020-10-22 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-21 10:46:11 UTC to abuse{at}fanavaidc[dot]com)
Takedown time: 1 day, 6 hours, 15 minutes (Poor; down since 2020-10-22 17:01:44 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
