URLhaus Database

You are currently viewing the URLhaus database entry for http://nhuusr.nhu.edu.tw/css/available_72348_7pgF9pmr/open_forum/690851086_bgTw9Gwx/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	307038
URL:	http://nhuusr.nhu.edu.tw/css/available_72348_7pgF9pmr/open_forum/690851086_bgTw9Gwx/
URL Status:	Offline
Host:	nhuusr.nhu.edu.tw
Date added:	2020-02-03 18:03:08 UTC
Last online:	2020-02-05 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-02-03 18:04:04 UTC to hostmaster{at}twnic[dot]net[dot]tw)
Takedown time:	1 day, 22 hours, 31 minutes (down since 2020-02-05 16:35:47 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-05	Mes_28966.rtf	doc	1d71db32310de6088f008bda0c652b8a1715c3b98c549cfca90601bdc70c59a8	25.00%
2020-02-05	Mes_20200205_252715.rtf	doc	f6e0b5d91b15cc7860054d38d1b2cee458fe349ef370cbcb1064e91d8ad6d889	24.59%	Heodo
2020-02-05	Rep_20200205.docm	doc	e017e89646b0d091bc67504f4318ea078b5a279edd898f418ff735e40c432e28	25.00%	Heodo
2020-02-05	REP-2020_02_05-OXR223.docm	doc	4a45120dce1cd34a211f66e94d6a16a0e567d8aa85527c6fa830f99691cd1816	24.59%	Heodo
2020-02-05	List-2020_02_05-E648.docm	doc	4e82c0983f4287199416515585b3322785209242527d21f73fc1213fac0da816	25.00%	Heodo
2020-02-05	File_86725.docm	doc	bd69c2f2ba41eeccc2c9fb6372f3a09a5921e0adbc6eea30efca31833098f475	24.59%
2020-02-05	inf 2020_02_05 5608744.rtf	doc	07fe2fb2cf6e99bc0fee819b38bda8d4c0e8f7d18f8faa9775463041c71ba5fa	24.59%	Heodo
2020-02-05	arc 20200205 3831.doc	doc	49935d065197043a5954f5c0af2fde686f0dc8e83a648ca5377b249246310dde	36.07%	Heodo
2020-02-05	MES 20200205 V000.rtf	docx	3c0292963e5af1dfc8aa14b1b0408c3d3e0873fde4dd75962bd380b5aa67eb36	34.92%
2020-02-05	MES-6798.docm	docx	98a046c048e6dccb43c0c6c6ce35eda6d4792e013b3bb7abf69702d4736b8840	34.38%
2020-02-05	REP 20200205.rtf	docx	dcdcefae226e1eccadad30728bc5d5a86fcc042676c0e98078e62ccd82b564d2	33.87%	Heodo
2020-02-05	FILE-744091.rtf	docx	a25acb77ff59454781d30445e527d286c6b22fb2040cc8e0c0ae31e14c603e5e	30.65%
2020-02-05	List-I6439.rtf	docx	c88c5193f9ffea07709eeb7dbe053ec079f2a2d4f142fd26ca76ed7f55c6e6ab	30.16%	Heodo
2020-02-04	Doc_20200205.docm	docx	f189891eacbacefcd510376ad44060a48962b25cfabcdd82b7845acdb512bab8	30.65%
2020-02-04	Rep_2020_02_05_T3884.rtf	docx	27a5e313736abda63663aeb91c859e981de239191765240ed311c07e8f760014	32.26%
2020-02-04	INF_777.doc	doc	3e807f7cb48c71df4ce8ba0a0024238ec14712f1e68e7d0c959ab376f2fbd524	32.76%	Heodo
2020-02-04	LIST-20200204-V85182.docm	docx	cf00a0e13bdc326ecf08bd0238ee35c3600642133c7f84f69b0434aa63bfa291	32.81%	Heodo
2020-02-04	arc_2020_02_04_4801.rtf	docx	226e3d9397801a0c20fc12e65373887d6b8e32d5d47ea818a8b891be4513e330	33.87%	Heodo
2020-02-04	arc 794.docm	docx	b47eba67f3bdcaadc7e9116053d4a250ae71ce6031b8ae4c30bc22459a57ba0d	31.75%	Heodo
2020-02-04	List_2020_02_04.docm	docx	265e4a2697fbfecc43edb76419d9e4a8928492d01b548cd7d6804226d6b2a593	37.10%
2020-02-04	rep.rtf	docx	12edeef0065331ab3b8644b9c14a1267b266a96e33ad20e9055315c454b750a4	37.10%	Heodo
2020-02-04	ARC_20200204_323.rtf	docx	a22639097a957b8debdfb4ff182eb2b6a288368b09b8427853ed91346b687737	35.48%
2020-02-04	file_20200204_9293.rtf	docx	71504ffb2ac7323b2da494aabf013190544db3e4230b363b639d68878aaf77dc	36.51%	Heodo
2020-02-04	rep_2020_02_04_PDP05509.docm	docx	167323f590c8eea01e897581a3de8e00606c176ff6518fd3ac0a3d64dd2e7d9a	36.07%
2020-02-04	DAT-2020_02_04-ZF7568.docm	docx	4797cddac2f4b88206c147e98842f78fb081f26db474df81a02a7a05c59865be	n/a
2020-02-04	DAT R6280.docm	docx	66fbfabc52fac899652f0e490be589ec3d3c5d3cf233ca24171ab6d8ff55a50d	34.92%	Heodo
2020-02-04	INF 4357.docm	docx	7866c794e416ef1f3bdbf8d29370390f025c8846d1b4e5d61b2c0b74daa75508	34.92%
2020-02-04	inf_20200204_51898.docm	docx	29d71c405f029109b5b6a5eb51f5f957a706b5130105c3abd7e3e97cccc66c2d	36.67%	Heodo
2020-02-04	Doc 2020_02_04 896889.rtf	docx	002d694ef8bf683023d2285a4a16c1673c4ac35874c13d7cfd9c9dc9cee5854c	n/a
2020-02-04	arc-20200204-U935.doc	doc	028f4c2dbdc1cc4dcc34a7dd5f190ca34075756f22fefa208b992649fedf8c14	33.87%
2020-02-04	Rep_MO006504.doc	doc	3ef6b4e38605a462d132e649b2deb19948e340020356dc9b297b7bb27cddd985	n/a	Heodo
2020-02-04	List_20200204_KI469.doc	doc	06ef3b76fdfb2eccd0a672a1023ffeff68a0dea6d2a4da527eaa596842391fc1	38.10%	Heodo
2020-02-04	FILE_2020_02_04.doc	doc	0c5326e304b5b23196b990d4ba1000e7a34150acbfa3b3cd8aaa35a12f124e26	38.10%	Heodo
2020-02-04	arc 2020_02_04 WHJ1124.doc	doc	05ead2ea8d0ec1dfd4f5b491661af731b41e275c0471f7f733cd097b544413dd	38.10%	Heodo
2020-02-04	inf SAZ71413.doc	doc	501750ada1703f7865f401e573449f6204b469b099d9e1e9fdd8f51413c17639	n/a	Heodo
2020-02-04	REP 20200204 KM555.doc	doc	3d78b8943ee63fbf0eea864676e6cc25a64863d53c9252807f5cfd86ebe3c4fb	35.48%	Heodo
2020-02-04	INF_20200204_QD82886.doc	doc	ce8eb63345280d1325f0c238ee972e035dae857560a8092478c2d7029db2b81c	34.38%	Heodo
2020-02-04	mes_2020_02_04_186554.doc	doc	96ca41fe85593ec2adee71cbe9ddeae3c084689d3bd049ba0b3a548895583c11	33.87%	Heodo
2020-02-03	FILE 7578239.doc	doc	7a683061b05b3d070d8ce39cec4901d51e51c52e9593c13ce40d1ffbf9a7cd97	32.26%	Heodo
2020-02-03	Dat 2020_02_04 0731.doc	doc	63e3e85f403c106b4fafa44e02021f77eed338d965daf6c30eaeaa4c206bba12	32.26%
2020-02-03	doc-2020_02_04-P314152.doc	doc	638b50da8c574f4785910dca412d1afe1520c754d676c4f8838455d0de5d637c	32.26%
2020-02-03	arc-20200203-GER1043.doc	doc	0d7ea58a5c9c2e9c564452f61b6fdc2c2a590d27f718ff40d270537518afb93b	n/a	Heodo
2020-02-03	Mes-20200203.doc	doc	512b2b0415df7c51ee775773ba39d89e89c37b739b4d2479db8ac4b4af3d23fd	31.75%	Heodo
2020-02-03	Mes XJ964162.doc	doc	3d60a61d4322a42b51cb54e9a972edc6a630a3885f4095ff9803fac7f554dadf	31.75%	Heodo