URLhaus Database

You are currently viewing the URLhaus database entry for https://herzkadeh.ir/old/hKhl/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:764451
URL: https://herzkadeh.ir/old/hKhl/
URL Status:Offline
Host: herzkadeh.ir
Date added:2020-10-29 09:10:06 UTC
Last online:2021-01-26 11:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-29 09:12:04 UTC to ripe-abuse{at}0-1[dot]ir)
Takedown time:2 months, 29 days, 1 hours, 57 minutes Bad (down since 2021-01-26 11:09:17 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-31ARC_PO_10312020EX.docdoc 858159295a83a85ce85a8e18a4398873eb02dfa32012325f963ab2de57c8c0aaVirustotal results 56.25%Heodo
2020-10-31R_EDE_100120_JLI_103120.docdoc e75cb7602be15e3a44e77aacc557cb5ebaa487b2be7b8fce7f59a4e2c18e8794Virustotal results 57.81%Heodo
2020-10-31DOC_FA0203129480EV.docdoc cdb79e413c85c2fa4724ac77b430ab5a6a0c770f7f6a640fec00d946a93f5e09Virustotal results 53.12%Heodo
2020-10-31MES_YEK_100120_OHT_103120.docdoc 780ffddf2dd1fac9d6fc091c707c84751ea2180a253431c3b4700989bd3fc21cVirustotal results 54.84%Heodo
2020-10-31dat_35494195.docdoc 0ab261e8e21a48f3423dbe6d18512f5e2afbd09fd31af5d5c45d2814c2c709afVirustotal results 53.12%Heodo
2020-10-31doc_28192737.docdoc 289f8b4babc8f697bcbc3125ded9cfddefa96b986243538034beda8361d69a26Virustotal results 26.23%Heodo
2020-10-318927538171785.docdoc 0ff00e35cca1451486afc9af5f9ec922a120201c1ad664d440e5511c370bef3cVirustotal results 27.42%Heodo
2020-10-31LIST_NBK_100120_IVW_103120.docdoc 6b199ce53786e4647258111798d4a9f14df4220415ed15639338c5860d98695aVirustotal results 53.12%Heodo
2020-10-31C_24225240118484704921.docdoc b104e5360f8f17268449e97ba36749b921cf7cdd797fdb8a28ffe20d8d9c59e4Virustotal results 54.69%Heodo
2020-10-31MES_ATI_100120_HKB_103120.docdoc 12ef90a776bc1f4ae05962313e6b3711ec5211f8ba450527585d2da80c2d03b5Virustotal results 51.61%Heodo
2020-10-31G_643501154851592.docdoc 41c1aacf38f4e4b127131377357db324852107ff972122bb57ec3ba8f894a7bdVirustotal results 53.12%Heodo
2020-10-31ARC_CXE_100120_MTQ_103120.docdoc 60e4646ea5fbe72e1daf6f3d015b37205898569b303dcfc791e0d02a754c9bf1Virustotal results 53.97%Heodo
2020-10-31arc_IAB5NHHGGZM.docdoc 4946591b7b99f626dafd98d333aa5c669ce9d3772e5ff1dc85e5d1cec281db99Virustotal results 26.98%Heodo
2020-10-31doc_PO_10312020EX.docdoc 26b30e58ed2342d042367ba0487873439d5c9c28920ddd000bb94b3eac79d94dVirustotal results 54.69%Heodo
2020-10-30Attachment_RQ7450307658DE.docdoc 9918cf9fc52a9d19fe483b17d847fc7fa23d4fe150c5df91abb94e61e932cf1cVirustotal results 53.12%Heodo
2020-10-30997462374173078090.docdoc 6a8e52f8792ecae215c55e1f73b2895cc0b304ee39db3908356b71ac38722b0cVirustotal results 55.56%Heodo
2020-10-30Arc_76Y7YE89.docdoc 49931e499615a1dc36cda98151d3c406413f1c47504b38f2bb658631313c273fVirustotal results 54.69%Heodo
2020-10-30Attachment_16952548.docdoc 61aa32a570716ce0d7c579186cd0cc291148bdeb623f0709c3a0b0b3f3d4d384Virustotal results 23.44%Heodo
2020-10-30File_01951121.docdoc e7208f8038adb200865a58fe3b9a71ec7389e5f3a21c4003790393a479917adfVirustotal results 53.12%Heodo
2020-10-30PQEDEE2MISUKJ6.docdoc 20a348277c58a86bab1a218fd2dc97ea61811eeca81bbab000bf5f0afa562b36Virustotal results 51.61%Heodo
2020-10-3064062773.docdoc 78bd1c6e03aab90ba0350183bb9aba52148938c5c4384fb2695473c6540e139aVirustotal results 23.44%Heodo
2020-10-30dat_PO_10312020EX.docdoc fee7c3d92d847b227a0310837bdd5bd774db43c7793d9e83c31405a79a35b9cbVirustotal results 33.33%Heodo
2020-10-30Dat_RX1787199335VF.docdoc 0df4e83145becd16b2074bb93563596b613e43856bbd653b98a316f5d92ab817Virustotal results 23.44%Heodo
2020-10-30arc_PO_10302020EX.docdoc 75ca20340c21dbd94ba3ec4c8eeb14f3a78e68a955701cbdc754c29163674a3aVirustotal results 33.87%Heodo
2020-10-30LIST_PO_10302020EX.docdoc 6263b8ea9431ac48bf402098737c84a9cf49c01488319875132ef15ef7d5c6e7Virustotal results 34.38%Heodo
2020-10-30File_SB4108897518PE.docdoc 6270902fc810af901f9685bb0b3251f8cf96445514e9bd288b51d51156701665Virustotal results 25.40%Heodo
2020-10-30mes_765979468544324401.docdoc 5fc665986d6e0e5763554e4d9f9db9ccc61b2c20fc408e955d286a458f622f48Virustotal results 47.62%Heodo
2020-10-30Rep_746685685.docdoc b0f3557b0ac948f3137f3cc926504dbe28038ea00d282c81a33fd46b93af1c25n/aHeodo
2020-10-30Untitled_90374673.docdoc e2b96a7780f1274b8e106466239f4c6b39c17c0b6dbf75223abe4849c04324afVirustotal results 44.44%Heodo
2020-10-30UNTITLED_MZL_100120_RIP_103020.docdoc 95f86b4f2c917f1be1fe02e3566a23e45621c342db18356aa485387fe799b06cn/aHeodo
2020-10-30Doc_OFE_100120_JCV_103020.docdoc 251276d83391acaa6629840a7607dd14966d1be54c7e8037b947e5875d412620Virustotal results 42.19%Heodo
2020-10-30ARC_PO_10302020EX.docdoc 001aae9a58f6352962e2e1635ef52e5cdc08a8db7e51aacd096f41f9de8db0ecVirustotal results 42.86%Heodo
2020-10-30arc_9420374563796710049.docdoc 33478c951541dfc62cd1b974afa9e6be46b51b140a5228aa4f34f417a17b8a64Virustotal results 42.86%Heodo
2020-10-30inf_UYG_100120_YLZ_103020.docdoc 7c159d17e809a78bad3e024cda533ebab493cc8519755e2946af59e11eac9ebeVirustotal results 42.19%Heodo
2020-10-30mes_PO_10302020EX.docdoc a3c09116b3564a812d894ab750990565e22b18b97a47c138b3b271f1e7e5f666Virustotal results 42.19%Heodo
2020-10-30DOC_PO_10302020EX.docdoc 59eb7f8b98e7601aab446fe4f84b586ecf0ff8b5f092b8144441e50eed459684Virustotal results 43.55%Heodo
2020-10-30Dat_PO_10302020EX.docdoc 327e30c02dc57bd8f9793000a44e75fb252b493b8d289d2d96d9e6e167f1626aVirustotal results 43.64%Heodo
2020-10-30rep_K6UMKSLHS781V9AD.docdoc 5333597a0d69ed5391e4f32418f25067aae4169db8982d327bef75b5fa518b8aVirustotal results 40.62%Heodo
2020-10-3019596474.docdoc b86e09a5bdebde57bd67e1fa11ddbd3381e5972d091fdc61b68e34226fabf084Virustotal results 23.81%Heodo
2020-10-30file_86036068971285713967832.docdoc c21fd3f4bfb11db1fc709bca4079eb7f97b6001e5695a430566b61e5e630053dVirustotal results 29.69%Heodo
2020-10-30list_PO_10302020EX.docdoc 72cbfce2d1bb68f6583a651975d64056490779254d19bbf18636a754d88688c3n/aHeodo
2020-10-3032586776.docdoc 0406910d3c48dbd18d57086dcab9b4f73a8081dae9fac3010f0ae90b73c7c34fn/aHeodo
2020-10-30inf_YHD_100120_PKY_103020.docdoc 665ca5b6b8e24008d94bd73e8fc3862a558d2074f35ab952eb016e2ecfb2c125Virustotal results 26.56%Heodo
2020-10-30Attachments_09835040.docdoc 07b3f8c72f07dca70496f6c792df7c12b6b782090056851ccfa67620fe7a27bbn/aHeodo
2020-10-30Inf_RM1073984892BC.docdoc 22a4eae8735782a3f12e3f7ee5b6d0839cd7c4a8b91dce6ce27e2414b2e5f817n/aHeodo
2020-10-30T_MLQ_100120_QTG_103020.docdoc f2413a07e3362999d85fbab3f6c2fe8f228e4567eac899cd565ad65a2d0eede9n/aHeodo
2020-10-30LIST_DM643KOFYK13FHL.docdoc e37545649e9e7c9250af64a93a2fa3e37fd90ab7f9c16e96b4469290f309b52bn/aHeodo
2020-10-30file_20327716.docdoc 8cfdaf7b364045782c53fe4094501d577114deba01267ff8e074d14d7d27833bn/aHeodo
2020-10-30DAT_52180592624394.docdoc 1e363452c2a67d40f01390488a99f68ce6fab805b45eab93ee2db2469bf1b05fn/aHeodo
2020-10-30Rep_ENZ806TH0C.docdoc f4983c5881da987bb4dcca9069e0134657dbd559cf50165c0f35c3f1c4595948Virustotal results 40.62%Heodo
2020-10-30Dat_PO_10302020EX.docdoc 9ae7942321b9360d2c19a2199e6f2e21a3436b97787133280c3d267a00bd6b6fn/aHeodo
2020-10-30inf_1639347010731161275.docdoc 7936fd61383857a4def1dbe2e3c320a04038eaeb4eac1d4c313a7dcf3dcd3cdfn/aHeodo
2020-10-30Attachments_PO_10302020EX.docdoc 3619ca27723e87006b7061bd608e1e02d5087392ec513cfe82ecec069074fbd7Virustotal results 41.27%Heodo
2020-10-30File_RSD7EQXHWU6GHBL.docdoc f16118ebe3dbd05212ed3e350e3d509e02c403cacf34497532c50e1be09b7e16Virustotal results 39.68%Heodo
2020-10-30Attachment_PO_10302020EX.docdoc 248dc97004f5088a900ec8be3559432f63cfe88eb7d2935c5161846dc778d1fan/aHeodo
2020-10-30MES_PO_10302020EX.docdoc 7bfa1640c072951be3fb17704054b151541525eaa8a22606d94fc2d037a6a663n/aHeodo
2020-10-30List_PO_10302020EX.docdoc 8cb962ad1798941eefe7a5f826ea5bebc726304af0337e53e6e34d59a7715795n/aHeodo
2020-10-30Inf_8XI8B9HLLQNRZTB.docdoc d938809af2f315ccb3059ebdb60f135d1a78267221ebe954f6ece48ad1c4851an/aHeodo
2020-10-30DAT_MHG6T95S.docdoc 0b7f26dc76b83127cdf687f818e652f050a9b3726aa76bc30947f94e4e25ffd4Virustotal results 39.34%Heodo
2020-10-30doc_PO_10302020EX.docdoc e4c4aa874feb371209199ddd6b159ed4a677b94568dfe6b09351807263dbef9bn/aHeodo
2020-10-30arc_158020152391766037806.docdoc b2f80aa2efc9abdf137f78f830f2366b29e5bba74409138f8db1ed6163e25819n/aHeodo
2020-10-30B_NM0582424129GA.docdoc 08ccf72998255b13e254a272fd34c02fa515b00674da72aa51f9409c529bd80cVirustotal results 29.69%Heodo
2020-10-30Rep_RMP_100120_BRC_103020.docdoc b03fc3f4764fbae8a92c677b03cc79e416905f290bcd7c6a5659410315245c90Virustotal results 31.25%Heodo
2020-10-30ARC_434584154.docdoc 7ae6e150fde20638c5cc89c0b4c088593eb3879f0f6567e9c4cc14069b9ae204n/aHeodo
2020-10-30JIKB_PO_10302020EX.docdoc 87582434c0b62f10bd24d5f8fe2636dcef3e0046373b8e05dadb27942be901f0n/aHeodo
2020-10-30DOC_PO_10302020EX.docdoc 1e2927648e6c1e230ea519611dc8ffc414549f3da0fbe74854b2b2431a5731aeVirustotal results 29.69%Heodo
2020-10-30UNTITLED_PO_10302020EX.docdoc 9cdf4102c45c7f549ee4e0290a07d4f7783c6371b1a8fe35a6f1f04d56cd6857Virustotal results 28.12%Heodo
2020-10-29ARC_NN1627432249QY.docdoc 57a23ee50bad094280feb716af4f6917dcf92157f899a609736ead07c82e6432Virustotal results 26.56%Heodo
2020-10-29Mes_PO_10302020EX.docdoc 5de82db9541a97ffb820c52c562ee2c3b84430e1cffb0c8a98f70908d2a78c9dn/aHeodo
2020-10-29272272755349454978053.docdoc f4d2f6dbbb53d79cccef95feda58515350e863a1f1522bf60c830c0230754866n/aHeodo
2020-10-29Arc_84ZHTCWQAOCDD5KG.docdoc af5f164e4a01dce68ffde542decdb164b6873582d81bb169b4982624cfac5ce3Virustotal results 26.56%Heodo
2020-10-29FILE_B1YECNVV90C02I.docdoc 9f944d45d5e7d40e9f1fce8f48c7fae48a14b56666b6c149b9a2f028567d2019n/aHeodo
2020-10-29rep_424235628116553674928.docdoc 30afb0ba6cad7d0adca2d6200ecc891e79a8901808aa35a78dc2e03b6b1b3fean/aHeodo
2020-10-29DOC_ST8XUNR.docdoc e5ee1bc6b5f6544f1d789848862c6469f2f32c20627bb4e410a1bc21f0005817Virustotal results 34.38% 
2020-10-29file_59841563645309908845405.docdoc c864f510cfcaca5ca5acb2a8ef66706e173195d47f0bc0956f1757e9f74325d1Virustotal results 32.26%Heodo
2020-10-29Attachment_9637389554749851.docdoc c3ceef3dcd36af85ab9eb1dfbe12d3855abfa16fdf70a040f1198d7d266be08eVirustotal results 33.33%Heodo
2020-10-29Arc_PO_10292020EX.docdoc 0b5277c050ee4714b138f9c9a8f1b1b0a3193f3cadb6d61a5037172d4bd11c54Virustotal results 31.75% 
2020-10-29RFF_PO_10292020EX.docdoc 060a5c65a7cc6ecfa1290f84d608e94a147a447e1dd75ceedd3490ab079b6e74Virustotal results 31.25%Heodo
2020-10-29Inf_275678304737821.docdoc 93d4fd3812d69eaa9afd23d9a5294b9c4544c60967cb63af240524552d0c10e1Virustotal results 31.75%Heodo
2020-10-29file_01640904.docdoc 16d27526d0453d93110c60d19d8a4680f2ae783858a4ec2093a235fcb819556dVirustotal results 31.75% Heodo
2020-10-29LIST_26611612.docdoc 2ded110822e0153fbd8d8c157f8f6ca47440730ee4fa093e193eb720789b83a6n/aHeodo
2020-10-29Dat_FJB_100120_WKY_102920.docdoc 32eb83b21811e1d39d4c68e15a5ff6a2b640161c0960cdfd4dea92a72f368a2eVirustotal results 31.25%Heodo
2020-10-29TBL_NU9583216950TO.docdoc 1cfbaf38e833a8dcab12a6f7a0c42e5b5033bc4f188f022607c0e3853f92a6eeVirustotal results 31.75%Heodo
2020-10-29Inf_O4ZGQGUZJ.docdoc 5e49a64852901bd8057faf79a29c4014763a93bd4f8a0c448a58ab101da4fac7Virustotal results 29.69%Heodo
2020-10-29FILE_1P78FSV79ZCSWQP.docdoc 51657b8a72e7e81349ee2744529184125522759769f93b02aebc3a2d33fddc2bn/aHeodo
2020-10-29Dat_RJR_100120_BYZ_102920.docdoc ccc94ba056101ead7adab466b9b4780b16a85dff204b246ae7094f9bbe79fdacVirustotal results 27.42%Heodo
2020-10-29K_31638634.docdoc f1360579a25ea174943b561c1e8e174e0145373505152d928c6e1dbeaeae60ddn/aHeodo
2020-10-29doc_96940037.docdoc 75df04fe2bbfe95af6c2ff3ad6beb372645597b0350f6cc16f995a09e27da829Virustotal results 26.98%Heodo
2020-10-29INF_TZF_100120_CSH_102920.docdoc ada659ce4b1ad92d31ab929e58b311b622eae5d91ae6f1073ca20bac351e42f4Virustotal results 28.12%Heodo
2020-10-29INF_JHE_100120_YYR_102920.docdoc cd3fe863b543b7cff0caa09fe57459ed428b05158a34dd748438f0f7a671fabbVirustotal results 27.87%Heodo
2020-10-29doc_PO_10292020EX.docdoc 774059c5c371964d14cb4894f7a1699d2bb5b3ce2bcb1544bd9a6ef92e845547n/aHeodo
2020-10-29LIST_RFT_100120_ZNT_102920.docdoc 9fe969fee626debd81e116bda0f8fba99a6adf05e1a8265e3e9d93df703da84bVirustotal results 26.56%Heodo
2020-10-29FILE_PO_10292020EX.docdoc fd810765d8200ee0c56b220f79375a5a76d36bde37b25512c664f45c7d130181n/aHeodo
2020-10-29Inf_SW9335698556QF.docdoc 4fdf2563b45602028009105b6b5f30ab0dbd3ceb11857e9861b91afff59f247bn/aHeodo
2020-10-29Mes_974TXDMG7.docdoc c77bdf30a9a94eafd3718a954bd79a8e9ad3b32761d6c45ae1b79245df7599bfn/aHeodo
2020-10-29rep_35662476.docdoc 93ef9ecf091dd0a2f463f8b10a73d301ad965547315b43fcd5c1a4995c513525Virustotal results 20.31%Heodo
2020-10-29M_PO_10292020EX.docdoc 8e33cf2204f19a828e1018b6ab9c762d52deb1ecd43a920491561fefd654086fVirustotal results 20.31%Heodo
2020-10-29WTN_100120_QMD_102920.docdoc 854dd0441e71fcb4f3237e94d7a738e26a8f320c3e5becd6b94aedcf7237eb09Virustotal results 20.31%Heodo
2020-10-29INF_CKB_100120_XEM_102920.docdoc 1ea025a1cd83c476f9edbb66bc98ca4af04a27f5b5d3d9eebcceb71386f0a2c9n/aHeodo
2020-10-29List_V90FASLYTQ.docdoc 2427ee3cc0798fcee02c718a1fb58d735d9cf3b0ebd9bb10c14cb9326bb5e489Virustotal results 20.31%Heodo
2020-10-29Mes_14135701.docdoc 1e63648100763f7fe5822fa5fedd5b5b9c87d1bca425b6745c236e3bff92bd0cVirustotal results 21.31%Heodo
2020-10-29DAT_VYA_100120_MWW_102920.docdoc a943a1b78c2ddb8ea536ad08b2eaaec624c324079322f272f1e1a319b5603a28Virustotal results 20.63%Heodo
2020-10-29FILE_24784153.docdoc 38df7a8d7d8ddeec4905b01777148222f208d5030b7a44665b5fdafb5bd9ff19Virustotal results 40.32%Heodo
2020-10-29DAT_FKE3V2P.docdoc a94691d74d543c82cfb7a293d0de416bec72dbaa2a2776d2ffa9b176b28cc12an/aHeodo