URLhaus Database

You are currently viewing the URLhaus database entry for http://avinatajhiz.com/cgi-bin/7kzxFqsT9kqbwawGB9grYBUrY6U85far10J3QJb3j/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 938403
URL: http://avinatajhiz.com/cgi-bin/7kzxFqsT9kqbwawGB9grYBUrY6U85far10J3QJb3j/
URL Status: Offline
Host: avinatajhiz.com
Date added: 2020-12-22 14:04:05 UTC
Last online: 2021-01-01 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-12-22 14:32:02 UTC to ripe-abuse{at}0-1[dot]ir)
Takedown time: 9 days, 20 hours, 6 minutes (Bad; down since 2021-01-01 10:38:40 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery
The table below documents all payloads that URLhaus retrieved from this particular URL.
