URLhaus Database

You are currently viewing the URLhaus database entry for http://exxonabnie.ir/orbi-slow-glero/gGkUV5JkrMKN1kGyELyVka973qrXnWF/// which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 939318
URL: http://exxonabnie.ir/orbi-slow-glero/gGkUV5JkrMKN1kGyELyVka973qrXnWF///
URL Status: Offline
Host: exxonabnie.ir
Date added: 2020-12-22 18:27:05 UTC
Last online: 2021-06-12 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-12-22 18:28:07 UTC to abuse{at}dnswebhost[dot]com)
Takedown time: 5 months, 21 days, 15 hours, 56 minutes Bad (down since 2021-06-12 10:24:29 UTC)
Tags: doc emotet link epoch2 heodo link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
