URLhaus Database

You are currently viewing the URLhaus database entry for https://www.ahmadifoundation.com/wp-content/nwYi4ww0RV6LsZCCYh7i4cYWEtZT4ao624J7HX7kW7QoI/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:768770
URL: https://www.ahmadifoundation.com/wp-content/nwYi4ww0RV6LsZCCYh7i4cYWEtZT4ao624J7HX7kW7QoI/
URL Status:Offline
Host: www.ahmadifoundation.com
Date added:2020-10-30 09:21:06 UTC
Last online:2020-11-05 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-30 09:22:11 UTC to abuse{at}godaddy[dot]com)
Takedown time:6 days, 4 hours, 32 minutes Bad (down since 2020-11-05 13:54:57 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-31UNTITLED_B4DJAI8MZ7E.docdoc 858159295a83a85ce85a8e18a4398873eb02dfa32012325f963ab2de57c8c0aaVirustotal results 56.25%Heodo
2020-10-31mes_6056961690197286685535100.docdoc 7b23df6f1bd4b2e428624bcf7423651fad4742e21e6992d0df41d6d94c199169n/aHeodo
2020-10-3105766852295656725.docdoc 396b664fbdde301d1ebedd54f4beacf4726ef9fe1d0807a86fe0b00e0a71772dn/aHeodo
2020-10-31UNTITLED_PO_10312020EX.docdoc cdb79e413c85c2fa4724ac77b430ab5a6a0c770f7f6a640fec00d946a93f5e09Virustotal results 53.12%Heodo
2020-10-31Rep_TDS_100120_BQM_103120.docdoc 780ffddf2dd1fac9d6fc091c707c84751ea2180a253431c3b4700989bd3fc21cVirustotal results 54.84%Heodo
2020-10-31Mes_9118915138975583873926158.docdoc 0ab261e8e21a48f3423dbe6d18512f5e2afbd09fd31af5d5c45d2814c2c709afVirustotal results 53.12%Heodo
2020-10-31FILE_K8UL3741C3SRMX.docdoc 289f8b4babc8f697bcbc3125ded9cfddefa96b986243538034beda8361d69a26Virustotal results 26.23%Heodo
2020-10-31INF_ZXA_100120_NKE_103120.docdoc 6b199ce53786e4647258111798d4a9f14df4220415ed15639338c5860d98695aVirustotal results 53.12%Heodo
2020-10-31REP_PO_10312020EX.docdoc d7c0fc3658da4a6040cab7aff29764849e26c699642492446759314c94586b6dVirustotal results 26.98%Heodo
2020-10-31DOC_1088325769242236962021.docdoc 41c1aacf38f4e4b127131377357db324852107ff972122bb57ec3ba8f894a7bdVirustotal results 53.12%Heodo
2020-10-31UNTITLED_X8WV4JTNGN.docdoc a914d86d2a97040bb1c91827828f9ec8e72e18d73ca90d884b5d385e4c9793f5Virustotal results 53.97%Heodo
2020-10-31UNTITLED_56516256817721483648.docdoc 9c96edb7b23fe316d7ea6705b137c283da2aba4f7dab4537a681e7e5d031b0eeVirustotal results 25.40%Heodo
2020-10-31Rep_N7YMZVYBHS.docdoc 4eabd4dcb81c28e86bbfd9ac62090d51aea5a733c96a8f3a7ad130a9841bce71Virustotal results 54.69%Heodo
2020-10-31UNTITLED_XNO_100120_QWM_103120.docdoc d1d8c0384f3780dd6287efc3e864f9fe60b6efe14f613f0cc2ec0efb0aa97dd6Virustotal results 28.12%Heodo
2020-10-30DAT_31HJSB4PVD29A4.docdoc 66f30f7d40ef0e230f042cd6abe51971e49af52617515c3d0d99f3f365a59e90Virustotal results 25.00%Heodo
2020-10-30UNTITLED_220525593573156502594411.docdoc 621f149c8fdf5abbc449baa3bc86423a799301ca3017950f0b173a6977033e88Virustotal results 54.69%Heodo
2020-10-30mes_PO_10312020EX.docdoc 1ce95602afd3133a2b2f7ac1df3290e233ba27b2f2b71d6a1b407cda2cb4ca4dVirustotal results 54.69%Heodo
2020-10-30List_01270228.docdoc 917a6b067e825cb71b0d60b4e428f283cdbf100bcec01e467503d18077125c4cVirustotal results 51.56%Heodo
2020-10-30arc_229612783.docdoc 61aa32a570716ce0d7c579186cd0cc291148bdeb623f0709c3a0b0b3f3d4d384Virustotal results 23.44%Heodo
2020-10-30file_DMW_100120_NIY_103120.docdoc f2413a07e3362999d85fbab3f6c2fe8f228e4567eac899cd565ad65a2d0eede9Virustotal results 53.12%Heodo
2020-10-303032288830579432.docdoc d577446435b94d0af2a829f1160b594e95c8051f6b069400ff61fa38d151ba54Virustotal results 51.56%Heodo
2020-10-30LIST_3924008040828596755409623.docdoc 8ead4e972ba536f428fbee5bb8f687ff6a1efdae4456aafb1bbb176b37672180Virustotal results 23.81%Heodo
2020-10-30mes_044153358186602.docdoc 4f6d5190871bdf4ebad7eb4520c7a651e3a2f4d8def1ca783c0efb807bdc7ec3Virustotal results 23.44%Heodo
2020-10-30Doc_PO_10302020EX.docdoc 2004d64ee603572e13a168eca558d2ade8169581208022e51896e0589e07116dVirustotal results 32.81%Heodo
2020-10-30LDTC_PO_10302020EX.docdoc 894961b5cd902ae1bd280ad4d906f510e47f2d02fba5fc278823a37eabedcc7fVirustotal results 33.33%Heodo
2020-10-30DOC_ASX_100120_PII_103020.docdoc 721a801f52c7641ad68e3e7975b2dc98e5908a41803928d13434b180d6add068Virustotal results 23.44%Heodo
2020-10-30rep_VRL_100120_SEL_103020.docdoc 5fc665986d6e0e5763554e4d9f9db9ccc61b2c20fc408e955d286a458f622f48Virustotal results 47.62%Heodo
2020-10-30U_HE6899209263HV.docdoc fd3709987d90ec9e862505d3a6f65e06a16420f87fa87b9ee4d40edb9dd8f5e0Virustotal results 46.88%Heodo
2020-10-30Doc_W8494822H.docdoc e2b96a7780f1274b8e106466239f4c6b39c17c0b6dbf75223abe4849c04324afVirustotal results 44.44%Heodo
2020-10-30list_J5USS62QJJP9G.docdoc 95f86b4f2c917f1be1fe02e3566a23e45621c342db18356aa485387fe799b06cn/aHeodo
2020-10-30doc_QP8665616900WT.docdoc b75935a097651bf38a480763eb4c9973e89974666e00bb021c25e21b7932c0eeVirustotal results 42.19%Heodo
2020-10-30UNTITLED_RNU_100120_DZW_103020.docdoc 001aae9a58f6352962e2e1635ef52e5cdc08a8db7e51aacd096f41f9de8db0ecVirustotal results 40.62%Heodo
2020-10-30FILE_0652567403370.docdoc 40688ed280f40248483c6bac4e362a918147bdf98ab4993db657a0f7eb6e6018Virustotal results 42.86%Heodo
2020-10-30File_KZF0MC0ARX7Q.docdoc 13d14b40f01d08656e74e969635a6cc3da85d7e7561d122d76d2e7f6a7b8960eVirustotal results 42.19%Heodo
2020-10-30BV9084902745ON.docdoc 39b6fdd21b5a73ad7e7808470a008ce96abb75dc96787734f8778afaaab7e0e6Virustotal results 42.86%Heodo
2020-10-30mes_PO_10302020EX.docdoc 2a25d8a1cbc4a93a1a7f07a290d36e24c0e2750b65badf5e91709eb644fad12fVirustotal results 42.19%Heodo
2020-10-30list_31361426.docdoc 59eb7f8b98e7601aab446fe4f84b586ecf0ff8b5f092b8144441e50eed459684n/aHeodo
2020-10-3086433546.docdoc 390be22b6546961bdf840560ab4b25598b3b46211ef3c9e4caffbcbce597fa4en/aHeodo
2020-10-30DAT_16015559.docdoc d81b4a47a2d75a7a58106d5e4e6aaf912f2d33c26eb7fdbb1d31abb9a1883395Virustotal results 42.19%Heodo
2020-10-30DOC_CWI_100120_NZF_103020.docdoc f2ce2b3d2bf2f5d0f22eabb44f0b7c9183e0fea547e90ab926beae89d85cdf0eVirustotal results 34.92%Heodo
2020-10-30Untitled_07687296.docdoc 615de4c01c61e261c017bd338c822b21b294728d9f7bac3199e139be0d1c3675Virustotal results 30.16%Heodo
2020-10-30DOC_HEO_100120_LJE_103020.docdoc b48b7231ac7d5bc0a2ba5883e7a634a557c606b06b97bf45b2842523959c4a37n/aHeodo
2020-10-30REP_QQ9759620078TM.docdoc 0406910d3c48dbd18d57086dcab9b4f73a8081dae9fac3010f0ae90b73c7c34fn/aHeodo
2020-10-30FILE_MSY_100120_YHH_103020.docdoc 60e4646ea5fbe72e1daf6f3d015b37205898569b303dcfc791e0d02a754c9bf1n/aHeodo
2020-10-30ARC_BGT_100120_ILY_103020.docdoc 07b3f8c72f07dca70496f6c792df7c12b6b782090056851ccfa67620fe7a27bbn/aHeodo
2020-10-30ARC_608351727770960581838.docdoc 49931e499615a1dc36cda98151d3c406413f1c47504b38f2bb658631313c273fn/aHeodo
2020-10-30DAT_4KI2EHTYML.docdoc 4a1ebe8938ac9ac6ae7b502c4561bf514bc47ccdb87abae9777a5ac526d6540cn/aHeodo
2020-10-30DOC_2811208613533.docdoc f7cd964fb73ef51565181df0b0bdc561fe166542fc297684546797abcbc24000n/aHeodo
2020-10-30PO_10302020EX.docdoc 0f9fa4196a70c17aea46032195862b2f14826f4025f77a1de80a8cdb86673a17n/aHeodo