URLhaus Database

You are currently viewing the URLhaus database entry for https://ahmadifoundation.com/wp-content/VbikDMHH91qaVvjurNtrPpR7QI7Oa3RmTCJkh/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:753482
URL: https://ahmadifoundation.com/wp-content/VbikDMHH91qaVvjurNtrPpR7QI7Oa3RmTCJkh/
URL Status:Offline
Host: ahmadifoundation.com
Date added:2020-10-26 21:48:09 UTC
Last online:2020-11-05 14:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-26 21:50:26 UTC to abuse{at}godaddy[dot]com)
Takedown time:9 days, 16 hours, 53 minutes Bad (down since 2020-11-05 14:43:38 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-28inf_1277110565227.docdoc b1de6df6c2b5ac15a030ee3b606165a808dd7fb78a4d22a267e304c2edad0fc1Virustotal results 29.03%Heodo
2020-10-28Untitled_BGX_100120_SSS_102820.docdoc 86cdca7c9ac7ecd5defa0fb8c374cd773aad5df00d6678e7f5addc0268a097e3Virustotal results 28.57%Heodo
2020-10-28GTY_49324974.docdoc b10f4a4b46a88d8bd137cb2d76eb827b89f16acd953490d55b6161aa0e99b7aaVirustotal results 28.85%Heodo
2020-10-28List_9XYG9DQG717M1SY.docdoc 087c51a90ce1975819e515fd65ce7583219cb9a7eecfe2c20191cf2d1196eac9Virustotal results 29.03%Heodo
2020-10-28Z3BJAZII.docdoc f605f4309f21e3797ba0f7b9440dbd45fb913a363be8a0e774040e92e05418fdVirustotal results 35.48%Heodo
2020-10-28file_AMT_100120_FQK_102820.docdoc a74bd9bb59caf16dcb34bc909644f9b39712ff04e230af2fd8f4838af00e85f8Virustotal results 36.07%Heodo
2020-10-28UNTITLED_489270614557469.docdoc 553f438bc1486ee99b764c15bf3caa7e8fc1b49c48ace061dbd07220a7e56eb7Virustotal results 30.16%Heodo
2020-10-28list_88624186.docdoc a04a9caeaaab58a3e7ba0ca98fe001e59df299a8f34f3c86994128170c74b5ffVirustotal results 30.65%Heodo
2020-10-28ZWJ_100120_WKI_102820.docdoc 1371c2d34a1e3ad727d60804b08ef021e7568a841acc95ce5cf1773149657ea7Virustotal results 29.03%Heodo
2020-10-28File_JB3276332075ZL.docdoc 3120df1e06f01820a9e9aaf64e33f5ff4b4e39647ef7552f6f98535a9c17e68dVirustotal results 31.48%Heodo
2020-10-28List_XZ9374449334YB.docdoc 3a183e3b2c742a3307c322a6e8e75c3741b4b35e456bacd95fead4ceb74fcf12Virustotal results 31.25%Heodo
2020-10-28INF_BVEXY0KPVWA.docdoc f3caca68ae462481d5bac777996fa838a0dce95c7eb782713404fa5e3712a2abVirustotal results 28.30%Heodo
2020-10-28LIST_68655310.docdoc e774de558ab588e2aefc6661f8ddf20b6a02ef8a6e2c4504a0b03e27d9c19df3Virustotal results 27.78%Heodo
2020-10-28ARC_JKV_100120_BNW_102820.docdoc a9dab3a7ee17c4e9ebd90271c21ba1f27a69094147e4f37b14e8b584ef3bf74cVirustotal results 27.78%Heodo
2020-10-28Inf_IP7406097926XN.docdoc bc8fc695c99b9f0fca7e18ca67adb66451f6b6b408ba6767bd86db835466f292Virustotal results 24.19%Heodo
2020-10-28List_WQ2206327958FY.docdoc 43159cae0059060554e0c283a577d48c0b825e44856b3afcf24ac2f6ef831334Virustotal results 28.30%Heodo
2020-10-28arc_NE0540827760TS.docdoc 09a4d7f3bbc95dc5b795441093b4f44943d384f0b9087a71ddaf1b55eda16ec6Virustotal results 26.67%Heodo
2020-10-2805229472.docdoc 42437dded751c17d78164701713e5a181726b5fa47472556a1eaede5aac86c17n/aHeodo
2020-10-28Arc_JYW_100120_FHV_102820.docdoc 2474770e88e989b790cd585fe0e234558dc6ce20bc8ddaf5a4e1f5c0733bc09dVirustotal results 22.22%Heodo
2020-10-28REP_CQO_100120_EQF_102820.docdoc 4e5d8413edd514941f72294d90df25c1f1ea77bc15de00e104dd0a9242c1085bVirustotal results 25.93%Heodo
2020-10-28List_34849617.docdoc 4d2065b87b5e9b6d1f4bc0bb53b3244c9d61eb3fd8c95d64757935758065ff29Virustotal results 28.30%Heodo
2020-10-28UNTITLED_PO_10282020EX.docdoc 5b5139dd7a1ffc7d31ef829c6f23afb23a459dc8aa0a8f900970875ecd254e39n/aHeodo
2020-10-27REP_S64LG1HGFZCK16H.docdoc 9efa8997bf4ffcc29b996b1a0dd651e92bacb8e79143a0c008cf1eb4a8b41cbdVirustotal results 24.53%Heodo
2020-10-27file_XJ7HQGKHPR.docdoc bab42b7ee6d4b385f15274f7900f7f2a4d5d68d7f527d20b0bfac926752f9b3an/aHeodo
2020-10-27FILE_OOZPHEE9SKG4X75B.docdoc 7179df59ef9df561ef65cd5b7036f02fa09b49c0abd229b6a5c4ea270c49d318Virustotal results 19.05%Heodo
2020-10-27INF_40658740.docdoc 0543f2a79034d979e274c82c77ba11ec29704960d1f21ce51dbb3d9982ba832en/aHeodo
2020-10-27Attachment_G5U1LYF8D8.docdoc cf37bc70aa99bf4d8ac44a3ded10f1d82deac713ad88ca9aa9f6f550ccf52f2cn/aHeodo
2020-10-27DOC_03482455.docdoc d2beeaf853221bea427e4b8e203deac4d7352b9c7f220804331709fc18bf0899Virustotal results 19.67%Heodo
2020-10-27List_OB7YC8WKWWSD3T66.docdoc 7d30568082d982dc387555d54ac483b20abaa0a5b97e653ad6f5374bd8ed3d45n/aHeodo
2020-10-27DOC_PO_10282020EX.docdoc a260910db0747bfef736fe491c9762f6651e7031b77914ab19fad50c63ef70fbVirustotal results 22.22%Heodo
2020-10-27INF_298810199535364664731.docdoc adaa6cfe6f38da277ca461fdc4d6c81d643d1c91babe46515180b90cd041fc15Virustotal results 19.67%Heodo
2020-10-27FILE_06927356.docdoc c2f4e4bcb5877f6df3f12405fb82993d59d41dc9728a65f971f7ee3817e8088bVirustotal results 21.82%Heodo
2020-10-27REP_49668762.docdoc 18d5538b99af884d1bb696f03df08bb7ab04370724b050f1dd643690430da470Virustotal results 21.15% Heodo
2020-10-27Inf_HKS_100120_YXX_102720.docdoc c648fbdb326aab7ad03eb32dbe84421e283c66f1f7d21f8cf8a392332669b8faVirustotal results 44.44%Heodo
2020-10-27REP_10646082.docdoc 31b23d9a8a18a659b89c36b6b116aa8f28579df18ff6d5f81e557ed41c1cc271Virustotal results 47.46% Heodo
2020-10-27DOC_399731502.docdoc ac38635cf95cd57e39ddffbf34b5723f519de18d171802bfef7ad76a439a59d6Virustotal results 44.44% Heodo
2020-10-27FILE_22762048810.docdoc f7496ff4899b8d1febae957c9f03aaaf262609fb62b4588471fd7b15dc107d1eVirustotal results 47.46%Heodo
2020-10-27DOC_IL4842970394YV.docdoc 69c66278b808dbebfd0dbcd3869f502a33b285251e49e1fa7f9fb6fc7deff266Virustotal results 50.00%Heodo
2020-10-27dat_MGZ_100120_LRK_102720.docdoc 36f438d9f983ff13b0d9cd592093dc78f38fb115c966eefa01db80b01bbda192Virustotal results 44.44%Heodo
2020-10-27mes_PO_10272020EX.docdoc 3a6999a4a9e86c13cc7384d88715d7e2ba2f571b311c29c076b654a9d15aeb1fVirustotal results 46.55%Heodo
2020-10-2700157509.docdoc e0d8252260d1c59a8cb22f97dce540a7f5272ed1052a3edbc71b265e175151aeVirustotal results 45.00%Heodo
2020-10-27mes_1I7TR3N.docdoc 1058744de415e325716999c39aa1a4e970532d196f5aca783d1628feacc20626Virustotal results 45.16%Heodo
2020-10-27FILE_55271639.docdoc e2e08b8d13ee2f3b74b54ec4de5892a941e2a274e8c0117d86a7dda62c0dcdd8Virustotal results 45.16%Heodo
2020-10-27arc_KMW_100120_QMP_102720.docdoc 0d324b35e9e1354566e22c431eb9ee5f36c4ade28ed5acf57bbda93ff7c8c1edn/aHeodo
2020-10-27REP_BFRLTDL9C5ZP95J.docdoc 09244c423c3262527e5deda11a9ade5df8ec453d879c5fb6e6cb2afd3121ffccn/aHeodo
2020-10-27Attachment_79306539.docdoc 1a085300939d5afedf7de966fc70593f8abdaefad80639cc2153cb93450e1014Virustotal results 40.74%Heodo
2020-10-27MES_362582820981581341257.docdoc a0ef9fcda78c9700644ecd5b7f1088a2d3d69402f143c6d597d163ec8ec8f956Virustotal results 43.55%Heodo
2020-10-27Attachments_PP6599707511JS.docdoc e9ed0e2383e743b2c64d4c7a9dfa27ef8352ca6b03cbc8b606f72368c42c0196Virustotal results 41.27%Heodo
2020-10-27inf_XB6539355828KU.docdoc 6fa6e20d7ec107f63284a312ab290e80286e32c497a623e5002f111ce34dee75n/aHeodo
2020-10-27ARC_84971165.docdoc 0ffd78abcbef3c3c9db246bde76dbdb1adfd04048d57b817b5a0036324136d97n/aHeodo
2020-10-27CDL_100120_NEL_102720.docdoc 39b408479c9b71f2255dbb68b69c160ba53dde08fdcf127f2ca2598fefa640ebVirustotal results 36.67%Heodo
2020-10-27mes_NCE_100120_DQB_102720.docdoc 7c1d4014d5f038bcae31a98765f1206deb293bdca40c8776d00f3ff5c1831e84n/aHeodo
2020-10-27PO0643484004LY.docdoc 901b7928cfb286b90c7bd949481eeb663937cedfe0dc36b49fd069dd437717c3n/aHeodo
2020-10-27Attachments_5HNWV7QX24IROB.docdoc fc6174141ba2cab4d8889d6e2597578251658388b14ee0c3dc62aaaf6a379df0n/aHeodo
2020-10-27arc_OG6ARSY0GB.docdoc 71c73b1d88d50e2982f5f633cf03be4da68db518fcf131f2f22787aa0cd54650Virustotal results 34.48%Heodo
2020-10-27ARC_18722228.docdoc 63b071aca88485607c94bfbc6f4afaf604a04cf316431cc9375016c853cb363an/aHeodo
2020-10-27Dat_04094661.docdoc 56c2cef0eede6803ac93b690989ddfe5728039f73ee3f2667128ff8812054a6an/aHeodo
2020-10-27OU9803187336WN.docdoc 738cae5e8c5b127eceb61ae86ded059ef5abab3d6c02649cb756cdbaa3470764Virustotal results 35.00%Heodo
2020-10-27Dat_XVP_100120_KCK_102720.docdoc d0b2630b796df661789e540ba6ca88de07b43f58bebf9f911c9985b4c4cdd0a0Virustotal results 34.43%Heodo
2020-10-27Inf_PO_10272020EX.docdoc 0806b4f4bc6745b9b67d121826f3f542a390abaea7666810393645f17136d396Virustotal results 33.33%Heodo
2020-10-27FILE_YR3961885623XI.docdoc 6ae44c02d854d6043ad1e9746bf823e5a573326cd4e5f4612126b65196fdc615Virustotal results 34.55%Heodo
2020-10-27W_BC7I0PB.docdoc 4130fe60dbde122aacced0f6f232a6b559d7eda06ed96bf5980d4a9d88151f94Virustotal results 35.85%Heodo
2020-10-27FVQ_3EHWIT62AXA.docdoc 7d2f13626cd91555d5f9cbdef3a3c17f832e03fc8dc38afb61822dfa3aa37649Virustotal results 31.75%Heodo
2020-10-27Mes_IWU_100120_GUW_102720.docdoc 2c1771765e8e21c4067b414eff7986d87694fe6fcddb8f1d708213de0ae9f827Virustotal results 32.26%Heodo
2020-10-27INF_33588605.docdoc 4d1c9d926e790dcba4a18230f0ef11f5550dccea472300ac8d5cedb064e6e573Virustotal results 38.46%Heodo
2020-10-27LIST_IPD_100120_CMB_102720.docdoc e39636db1ca1665b04dc3b74b7598403e6152847cc90bb4472aa13bc93e70b62n/aHeodo
2020-10-27FILE_8868082467739573471.docdoc 4d55ddffa3d513e115000683cfa2fb1e2b738298d58e3b6dfaa8f66feb1351dcn/aHeodo
2020-10-27file_R6Q3HFWLDE7PX.docdoc d1de453bc087ac81f05655499cedbd7dcd688a6130ec110a1d743fe8939336b0Virustotal results 35.19%Heodo
2020-10-27Inf_EV2683194969YC.docdoc 3d3018783ee56f8fe4b38d613ee7b96aa6424bdf12d3bd7c3dc618c6bb38dcdan/aHeodo
2020-10-27UNTITLED_AE1175540003ZJ.docdoc 7691240314f7a2c8bb746a2d3177cd6854f21ffe7ce02228138b0c64a3346915Virustotal results 32.26%Heodo
2020-10-27rep_3792826853495819626348941.docdoc 24766703c0713e30ba3b3667a3e220f3d909b86f5566ca06a66f97a7f181715cVirustotal results 33.33%Heodo
2020-10-27XMK_100120_UBW_102720.docdoc e70092c224aca77fa290ebc4b46f7d3c49f3cb38294f8707b75bcffd1601fce4n/aHeodo
2020-10-27FILE_BR2443211296YP.docdoc 3f2106dcc33f45af5c7a6c178004672bf20d7a8166190570887e9f5c02c774efn/aHeodo
2020-10-27REP_PO_10272020EX.docdoc 0bce545acd6f37453246cb2ce9c6ef9e85b7c6c02676fed1a2bfd42934be9c03Virustotal results 40.74%Heodo
2020-10-27PAM_100120_JMW_102720.docdoc d8a7b96945c681d9842b604e3ed507134aebfdea87bf2151fb72edbf2fcb9d6dn/aHeodo
2020-10-2748961613916.docdoc 73d86e2272fd2354897cf0ffea6273f56a56597f4a57587b435ac22f672208d0Virustotal results 40.00%Heodo
2020-10-27BAL_38424122.docdoc 402bcaa8f052d8cf5d7ebef47283ea79c68151fa78bfad0611e97530423d3b73Virustotal results 41.27%Heodo
2020-10-27REP_TXM_100120_UIY_102720.docdoc de751e95178762a5c0bbc3384a4b95002c87865e545df412b1334b52564fbb59Virustotal results 41.51%Heodo
2020-10-27BAL_PO_10272020EX.docdoc 6f039a653dd4edef8c16347acc26f36a9b283bdeb9c8fb6ce48faabd9f67f5e2Virustotal results 43.14%Heodo
2020-10-27FILE_C7MP3KC2WCRGDXG.docdoc 59b0501c2684432b625387c70e6ba5db3ebd84b77d24b11c744db3b3c48d3561Virustotal results 38.89%Heodo
2020-10-27DOC_YGV_100120_FDM_102720.docdoc bf04be287615bd3af69a5f056b49c8022660833f42e354c39c808061f1b2b7fcVirustotal results 38.89%Heodo
2020-10-27RR2603724759AU.docdoc 76afe2552588f38f318120b1778e8d66eff5ccef7e49ea2fa3c650aa573149aeVirustotal results 39.62%Heodo
2020-10-27QPO_38606012212349329.docdoc e8caccd0e30b68aa3a338537f9164503821ec1089daf287db3acf97ec74e59f3Virustotal results 38.10%Heodo
2020-10-27FILE_I0SYE0QFXJU548.docdoc 175f70e42ab1da776d956a78b3813c139a60bc27bcc82d52b292184499905fb4Virustotal results 38.46%Heodo
2020-10-27INV_LVZ_100120_HJH_102720.docdoc ebfca25ac5a8d600e73ba0523100c430e2b6072247e42a91c12ba2e1d718c4f4Virustotal results 39.62%Heodo
2020-10-27DOC_VZN_100120_XTT_102720.docdoc 9c6f43dcc3bd1778ac7082fcd98251f2ebbc67b02f5d6e41ab97c2e8924a4e17Virustotal results 38.89%Heodo
2020-10-27Z0CX5GLVF.docdoc 98bdd88b97a27caa11e39dd7dee4d2e510ba8b38e1e7e13e5efb7ca2fd538679Virustotal results 39.62%Heodo
2020-10-27INV_81290085.docdoc 284ca49487afcbd5dc06144fd8a4b4ebaf8abc174a9c0c609a5073f4925ec19eVirustotal results 39.62%Heodo
2020-10-27BAL_PO_10272020EX.docdoc 9a5ff2d10eb6a49a82083f2f52e3daba519399794197d526ab76a68dd6849e69Virustotal results 39.62%Heodo
2020-10-2735662244.docdoc 0779c9b1561c39e278910257e807a233b3545da40dd442a26906c0ffa6e199fbVirustotal results 50.85%Heodo
2020-10-27DOC_HF2944479586PX.docdoc ada5eecfbbe470ecc1b1c434323530f141ac930ee6febd5c6e578dda073ccbecVirustotal results 38.89%Heodo
2020-10-27BAL_MQ9521425823HM.docdoc ed7748045b321a2e819fdb922995edf21e8b02996994aaebf64df519509d669eVirustotal results 37.74%Heodo
2020-10-26FILE_IY4881713203OZ.docdoc cb03912b61593521af131c3ce32772bf24f99a30cda9985f1f8581ba6be8c285Virustotal results 39.62%Heodo
2020-10-26BAL_97859863289870957107.docdoc abfcd6342895929d5baf093e13140d0b37f8e97da0253480aa94ba5e78bcd1e1Virustotal results 37.04%Heodo
2020-10-26REP_8267235006089447433993.docdoc c8ec858c06478f6261eadea96e71a453f5176eb9b07c801ad5d84bde75ccda10Virustotal results 37.04% Heodo
2020-10-26PO_10272020EX.docdoc 1876ecab19ee6802dac2e8774dfd625dcb2d4e00fb61f446caeabd26db1405a4Virustotal results 37.04%Heodo
2020-10-26INV_75937121167.docdoc a98778c044d5a8ea62b40e8a5146d8e49dad781ad7c87d3c4d8a0931a1232ee7Virustotal results 42.00%Heodo
2020-10-26R_25565062.docdoc 395aa1cb5a6a567708e1a0d53eb1c21eeaf8973a53bf52baa2bbfb968525c351n/aHeodo
2020-10-26BAL_PO_10272020EX.docdoc cc341e2451041bcd6d9dedc66abe480900021abc803788e2d56b701edee7e044n/aHeodo