URLhaus Database

You are currently viewing the URLhaus database entry for http://imcvietnam.vn/cgi-bin/available_20175_uwL8ExwDGNz0hD/8203745033_2R4uyzZ5uSVi_space/XwKchG55_8Jaed7xJ2G/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	301580
URL:	http://imcvietnam.vn/cgi-bin/available_20175_uwL8ExwDGNz0hD/8203745033_2R4uyzZ5uSVi_space/XwKchG55_8Jaed7xJ2G/
URL Status:	Offline
Host:	imcvietnam.vn
Date added:	2020-01-29 16:32:13 UTC
Last online:	2020-04-09 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-29 16:34:04 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	2 months, 10 days, 16 hours, 53 minutes (down since 2020-04-09 09:27:41 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-31	arc 2020_01_31 745.doc	doc	f65825efef692a32e5d3e5f71fbaeec33a4383d4d8c6057664cc970d762c08f8	28.12%	Heodo
2020-01-31	LIST_886186.doc	doc	7b8b820eea5aaf7759404bcf53ca9979080ea061ab4523593b1f5e2e8db6f5cc	25.00%	Heodo
2020-01-31	list_2020_01_31_406574.doc	doc	91275159f80eeb0eff909660f56290704daffd027e4b5725ef33573c925488a4	20.31%	Heodo
2020-01-31	FILE 2020_01_31 086.doc	doc	0c645a5b75a5e0585a9c48656071c2ca5a9bf0304861e458f13a3e250b4374e1	20.63%	Heodo
2020-01-31	inf 0208.doc	doc	d5445cd45e4966135ff65a6af6341bf45c741ef1c6848ecb243ff018f6e82b49	20.31%	Heodo
2020-01-31	INF_20200131.doc	doc	94126672a1eae302832e65ad27da988191a1cfe19203434facd8fc6cda3605ad	20.00%	Heodo
2020-01-31	doc_20200131_EB69627.doc	doc	09c4e38f5ae89bb62c021442a2e76b9f572255957f80b6d5af3111d7d9623325	20.31%
2020-01-31	REP 20200131 4643.doc	doc	1927c895365ce9eb0b850ccab2180fd7d46e42b647113981b953bd353c6edad6	20.31%	Heodo
2020-01-31	rep_20200131_H7249.doc	doc	5e1a30103fd40640c8a5b91d5dadf5564896d808711410002020fa9f136b080e	20.63%	Heodo
2020-01-31	DAT QAT154421.doc	doc	2d75164ed9f2d5641975aa54381d0398bbf1e2e2179c2c3aa131412e96a9e6f4	20.63%	Heodo
2020-01-31	Inf 20200131 JVE3076.doc	doc	c8bd082a9174038d1dffc9a1fe5595314f3e2cd4a2657033f2e1efd3540a3df4	39.68%	Heodo
2020-01-31	INF-2020_01_31.doc	doc	dd7ae3bc161b941e8ee4831dd583f504907c07c32c1d64d330d1f08e2030707a	39.68%	Heodo
2020-01-31	ARC 6185.doc	doc	994ab85c2ed2004c1ac4b7eb7b3300ed9453ac6f02787c92e226c3cfb19cc939	38.10%	Heodo
2020-01-31	arc-20200131-18053.doc	doc	6fd53c9b4fa1bcdf1ef2a095d2af6db48d7d4034e1d5c9e32b23c12853ab6c10	35.48%	Heodo
2020-01-31	doc 20200131 83924.doc	doc	02d4150ccb8c0569ecd99cc1a860f5c711f1cd2ba567aa5728b830b9f1789f46	33.33%	Heodo
2020-01-31	File_2020_01_31_9469.doc	doc	8ac6cda8c7b4094b736c508bc231f782f410a72cecec097edb943014ce610585	33.87%
2020-01-30	Doc_2020_01_31_030.doc	doc	1d75ee01f877ad2ad951d51e2396cd0c0c6be72e1b2fc190b59b64b733ddfd5d	34.43%	Heodo
2020-01-30	MES-13265.doc	doc	710bca7eb8f1b38ff3ff591ffce42780c42d513d5db8e8edbed62b2a30a41145	33.87%
2020-01-30	Dat 20200130.doc	doc	6cbdcc0ba57b84c01a9533651f01585aee4755d88da9396ea266f936201496c6	29.03%	Heodo
2020-01-30	REP-IL10598.doc	doc	f44945bbcc1aa962b999c7a89a2689be2c5b15a68ad8f1265f86be249f0d7c46	25.40%	Heodo
2020-01-30	Mes 20200130 UY881328.doc	doc	1db0c100dfea192f88767bedda9beef583fcfb5c7797f32d7f93dcf045d3239c	25.40%	Heodo
2020-01-30	list-2020_01_30-FOT93044.doc	doc	ded73d524fe7544ecb69b5779a5bddbef01386b55ac338c83fb4d25d31745584	25.00%	Heodo
2020-01-30	Dat 20200130 ZK69908.doc	doc	cbfd00a796bdd447134f7dc1f38823e8e2eefb7075068cc197ec67c044ecfc24	24.19%	Heodo
2020-01-29	dat-6366.doc	doc	0c899fbd963450fdf0d3d487fd91c0ef00e8c4191115d99d58a6b75476b06254	22.58%	Heodo
2020-01-29	mes 2020_01_30.doc	doc	2c7a2ffff7a4a2fcb7a86235dafda3b02ce67330155e00a22408d6c14b2f5caf	40.32%
2020-01-29	inf_20200129.doc	doc	e49d66744b97eaa47dae870c0fdd5f6b3a52e1b2245e8567ffa6b8a344663fe8	34.92%	Heodo
2020-01-29	Doc.doc	doc	49e28f382793143c68d57be83f8e7252dea8674a30f06b9063dd9ccfc4f25e85	33.33%	Heodo
2020-01-29	mes_20200129_I353836.doc	doc	c0ebbfa695c1e2d054d32b340956dfffb4c155a4e420caaf593b0f1bbccbbd18	27.87%
2020-01-29	ARC_2020_01_29_AVY8568.doc	doc	17cf2a778a942e5b8f5513d641182791244a07cb9d1c20a92bbfd990178e2935	n/a	Heodo