URLhaus Database

You are currently viewing the URLhaus database entry for http://exxonabnie.ir/orbi-slow-glero/gGkUV5JkrMKN1kGyELyVka973qrXnWF/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 938724
URL: http://exxonabnie.ir/orbi-slow-glero/gGkUV5JkrMKN1kGyELyVka973qrXnWF/
URL Status: Offline
Host: exxonabnie.ir
Date added: 2020-12-22 16:10:06 UTC
Last online: 2021-06-12 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-12-22 16:12:02 UTC to abuse{at}dnswebhost[dot]com)
Takedown time: 5 months, 21 days, 18 hours, 1 minutes Bad (down since 2021-06-12 10:13:51 UTC)
Tags: doc emotet link epoch2 heodo link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
