URLhaus Database

You are currently viewing the URLhaus database entry for http://nmgoodsvungtau.com/eyycq1/private_hc7h_W86AIqS52N0v6s/open_portal/iecv_87362307yu4t/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415485
URL:	http://nmgoodsvungtau.com/eyycq1/private_hc7h_W86AIqS52N0v6s/open_portal/iecv_87362307yu4t/
URL Status:	Offline
Host:	nmgoodsvungtau.com
Date added:	2020-07-20 19:28:15 UTC
Last online:	2020-07-23 00:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-20 19:30:04 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	2 days, 4 hours, 39 minutes (down since 2020-07-23 00:09:33 UTC)
Tags:	doc emotet epoch1 heodo ZLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-22	doc_20200722_2160.rtf	doc	00f9030cbfb095139a4e8f6fc9e282149fb32fa202c75dd95063951b237bdcb3	38.98%
2020-07-22	MES 436357.docm	doc	476f47a1fbb75de056f6a02ab3dbb2087dc5c6c2519a029219f344fc90e16280	36.67%	Heodo
2020-07-22	Rep_2020_07_22_0201155.docm	doc	79cb28f01264a585e6d085eff860653eb72ec7b1976323c1f310ff7bdf0b1598	36.67%
2020-07-22	Arc_20200722.doc	doc	933c7f05b56492f880e1716a1240b0bf1679fb740c973b5adff2f3575ae2a3b8	31.03%
2020-07-22	File_617316.docm	doc	fb1530a751799859585501c02c6cce39addd2e4572d8df0149ae14735eb2f113	32.76%	Heodo
2020-07-22	Arc-X599997.rtf	doc	6babaa931bc26a787edf3d1d3118c0a45416f2e9deb01bc741decf522a2bda49	26.67%
2020-07-22	List-20200722-07365.docm	doc	8e68dd2720dc2775d2a42abaf76de80d689fdd34c0367de007c414def3d2d33b	28.33%	Heodo
2020-07-22	mes_M804.doc	doc	80f335e6ac6c351ae23e40d64dc9539009aaad764770364ce4d82cf144b89353	29.09%
2020-07-22	FILE_2020_07_22_1805579.doc	doc	bda45a277d1d57050ac2f680f22b728a35eb2aa5d67471ea2b55817d66a982c8	26.67%
2020-07-22	Rep-2020_07_22-127.rtf	doc	6f567c0477f01c7cb169abe9c9bbd5a18c39d7a68160438508adc626a2835d2d	27.59%
2020-07-22	mes-20200722-152.rtf	doc	d3d731e1c5ed00a3123112f5f1b4d029a74b742ddf0b5a2639209b85f2930b18	26.67%	Heodo
2020-07-22	File-20200722-QT965.doc	doc	4ef2c8006cf9685f61441f329dbce4b1cfab1f70eb6709bf48168b31c42eba0d	26.23%	Heodo
2020-07-22	Dat-6846.rtf	doc	bf08d9f7924956f144f0211f6ea48722fea5cbcd8dff6c661dddc5a221e13742	26.67%
2020-07-22	Inf-2020_07_22-011.docm	doc	656f9f7c087bc9a3d272d1aea2c369dcfa89d33e5fe59b61e4a57d7b181904d2	25.00%	Heodo
2020-07-22	INF_20200722_C0080.rtf	doc	8a4dd2564fb906334e1702628a5b52b6ab20497d1a5522332c4879a1eb778c7a	24.59%	Heodo
2020-07-22	doc_20200722_908746.doc	doc	586155893603026b83f2f51289bcb32825a2cbcf7f5b0bd9dad28b470d8453c0	25.42%
2020-07-22	Dat 2020_07_22 211246.docm	doc	ff885175138132335dd7f3a840c5cf89cec412345bb6bb8311853367827526d0	24.59%	Heodo
2020-07-22	inf 20200722 EGN63637.doc	doc	737f7e0557c9203033464070e06e23e7675c8325abd0083d1ebbdaca3f7eac2e	37.29%
2020-07-22	mes-UEH81343.rtf	doc	8aec85cd8e1f0f312d2a3442272e4634ea845690457c6a516b51378c868a1c34	34.43%	Heodo
2020-07-22	FILE 2020_07_22 3119.rtf	doc	eed180c709224d892fa8a82e0c51bf623d7057a65ca483d45e3d005984dc6588	32.79%	Heodo
2020-07-22	Rep 20200722 RIB524092.rtf	doc	7eb51f8c4719f0171a98650b63385c15908628fc4ef7838c410fc53c46a0b8a6	33.33%	Heodo
2020-07-22	MES-616.docm	doc	84ee9ec33d16ade130e8842b327ab3d4b8480fada3bb6fb25ad854dea738e9be	31.15%
2020-07-22	rep_2020_07_22.rtf	doc	365f2b2480d704ba0fa82cf5c25d92895a3518ed02ec36ff5f150cfe091b3574	29.31%	Heodo
2020-07-22	LIST_20200722.docm	doc	28e77291fea150f98e5ed9a57a4d4074ff204abc6e20218a7e67bb0e4b6e23f4	27.87%
2020-07-22	Dat 2020_07_22.docm	doc	c07649d058f6470af27cb972b0a9306496e2641bf959dd66206f3feff56b83c1	28.33%
2020-07-22	list-2020_07_22-085.doc	doc	04b189501cde3a8e14a2de3bb20b7313da30db8f0a7af0862cc14e400caebe06	26.67%
2020-07-22	List-2020_07_22-MWR1826.doc	doc	0c24abb426e9a3dac8679d113235fe206c6cf1010035c97791dd11b9132a567a	26.23%
2020-07-22	file 20200722 92574.rtf	doc	80cb12a6bbe9b2c3065f9007e9740b9f7d75dcf2bc68651848cb08f4ce619b39	26.23%	Heodo
2020-07-22	mes-2020_07_22-277814.docm	doc	ebdc8f40febf78564180a0f4a84f3ec60622fdb13e5a18b627ecd8f86f4e1b85	26.23%	Heodo
2020-07-22	INF_C0733.docm	doc	5ba62e60945b4eadc0eaa81b0f2b31ce3b6d8c785130a6000ce906dafef73afc	n/a
2020-07-22	file_20200722_690097.docm	doc	a726db669cad36b2fd25878a66e81894a830c83827693b16c8e8e44b832036c3	26.23%
2020-07-22	LIST-20200722-H45093.rtf	doc	ad71158fd2fa3ad570d1764feac2737214e1900c2ddcce1c9b7d1e347a53e357	26.67%	Heodo
2020-07-22	INF.doc	doc	d7b8fec9f533a9c31e7fe587b89552973d00bff30e4c7d8f7d4f2d93bc0eda1f	26.67%
2020-07-22	arc_2020_07_22_AF13113.docm	doc	e5e81d1d34512bdd8b9aab542cbd3b5ce38d6ab9d3e607684bcb4f0a691307d1	26.23%	Heodo
2020-07-22	FILE 2020_07_22.docm	doc	ffb87064fd80238bc3cc8cecd8d855f504e0e8ece871014875a625d3b0752eb2	26.23%
2020-07-22	REP-2020_07_22-8444.docm	doc	80521c4140fb416730b8ae61ecbff6869f7ec3833a13b87ce652285e69632c58	26.23%
2020-07-22	Arc 456918.docm	doc	435f4fc1e9a6888f671e834bbdce6aafc5928c7dcffbbbe728f18573b73da965	25.81%
2020-07-21	REP-2020_07_22-480913.docm	doc	3ef294ca4013371b69d6af647114806b71bb3dc07fd56f12c078703411d61b3d	25.81%
2020-07-21	file-70146.doc	doc	c1cc356eaf49711b7673b9c27f015163363a60417ad3b9b7e6883015b65d80d8	26.23%
2020-07-21	dat.rtf	doc	fcafb5e437845e9ae17fd02ebb6233cf43399f17ea4371629c71a80ab5f17444	25.81%
2020-07-21	Doc 808398.doc	doc	4ed6d7c9f2e9292974253fd9e5b4063a391c156768d50cf6a8deff4425a099b2	27.42%	Heodo
2020-07-21	List WY175.doc	doc	97d6a51f311c9af7f316be2f4d5ed00901bc5eb08c6daffb87fcf98ba3bd851e	27.87%
2020-07-21	MES_20200722_8407.doc	doc	a8eaeae150c0c2f63c21f90adf8634bbd7653092f06a273410a5c26df3f0e25f	26.67%	Heodo
2020-07-21	DAT.rtf	doc	7b6d030461fbd94c985e17703889f54e8012d5ba9af413f3009e010eb28fae17	27.12%
2020-07-21	arc_1710.docm	doc	6852b34db0c7a6150c1095a704236a1938b4ed46cd9d7bdfd412555ebf61890a	26.67%	Heodo
2020-07-21	MES 2020_07_22.doc	doc	db88b385b97b7038cd233960f7f99ce350a72a3eecf6bbbcb227645f111d4e7c	26.23%	Heodo
2020-07-21	Arc-2020_07_22.docm	doc	f9f454cca8e91299630413a10305ecfbce0ce0702ab5e73ee85c21fbdd49a0a1	26.23%	Heodo
2020-07-21	ARC 20200722 300.rtf	doc	8aa3e958943656f026b02437d4c84ed9268018560390b8ab0d9807c7b23c8b41	26.23%
2020-07-21	LIST-20200722-UXT002.rtf	doc	1a3131840aa881ca39803d20f5224e9339a2cc959ac92ab756f6ded8d81a1a90	26.23%
2020-07-21	Doc-AT752.doc	doc	bcc1834e956cf9ee218e2956ae6511170e810ad54d6738ed11f98620609a3e30	26.67%
2020-07-21	inf_270544.rtf	doc	253d4ce06935b6b78211d3f7b0ef787b74e019761199199ab5720333db23577a	25.81%
2020-07-21	list-2020_07_21-2449.doc	doc	d678baaadbc56de5d5136a2bae9b233710d4016b9d09094c907e6a1442f7fca7	31.15%
2020-07-21	DAT 2020_07_21 934650.rtf	doc	7fee029074a8081f338a871b45c13d2dcb5101a0aba03913b5038645850d88d7	29.03%
2020-07-21	Inf 9158751.doc	doc	0dbbb6599f01fe8f1817f54193e2969d69f49e504430db1e659cbc26706cfa2a	31.67%	Heodo
2020-07-21	LIST-20200721-WX91866.docm	doc	7203fa5731e4f60d782eb7248af9620384981a39282d70094f40946b1b7a60c8	30.65%
2020-07-21	list 20200721 IS78513.doc	doc	1054c41f6e0c85d12ee934edb47dc40dd79b6326e7c292477552590736c00fb9	28.33%
2020-07-21	Arc 2020_07_21 4472.docm	doc	262962b5fcfbc2fd14aa121ea6d5731ee54807c1d8f5cb14aedfa6437d1b764b	31.67%
2020-07-21	arc-912.rtf	doc	c969a0b83fe39c15dd74759e9c07b8d753908346f3d8dcb940fccee01f146e92	n/a
2020-07-21	rep 20200721 HTK759.rtf	doc	ade92c771f3d31b85f839181d2c222569b9271fef181b82414798016840e0b37	29.51%	Heodo
2020-07-21	LIST_20200721.docm	doc	519ac8bbe23cc0506580ac08c5bc589d9d5382e00ea81898846715cef7502d8d	29.03%
2020-07-21	rep-8093461.doc	doc	620ec5ba9b3488d2f0df3f27c7efbd786e501f76dc0cd1e11e70e9783968374e	30.00%
2020-07-21	REP-6006.doc	doc	5a9ed58c2c20ef3e41c1d6f3873a265e50184737ba7e5929aa448b1f0bf6a9d6	27.42%
2020-07-21	Dat-2020_07_21-531900.docm	doc	6fd1ff7ba7489d9c2e6536cb0d3fcb478c4864ed52f031914413e76590d25835	26.67%
2020-07-21	List.rtf	doc	23bf0066e26b5b6e2403af2810c57d5ee5c0e04cfb175df6c134826cdb68bce9	25.00%
2020-07-21	Dat 2020_07_21 VH2162.doc	doc	d5587b12a4f2e10f29d7fdccce2664458c54b7a2c6b4d546966be1f5b3145883	25.00%
2020-07-21	file 185706.doc	doc	f056f89b5a79b3878f8a263503d8aabc4a8bd21cfe12a8621dea3a9f1777efc4	31.67%
2020-07-21	FILE OVZ1981.rtf	doc	33e64096db5340fb26c5b5d6f9b1dd89674d3a77a96a25fafcb878d9929fc9da	31.15%	Heodo
2020-07-21	file-20200721-1639922.docm	doc	99c6c8f02c2fef792bc8a5a6406b0baa294156cb38b8df191f98cfb5a90547f5	30.51%
2020-07-20	ARC-RUQ661225.rtf	doc	211aa330e781af24810676e704804e6f939793cf7572674e42de54a4f7513735	29.03%
2020-07-20	doc_2020_07_21_ZDU2538.docm	doc	e00291bcd00edfbf9f8f55a1f34576b512404c036b744d0ce846397f8a83bb1f	29.03%	Heodo
2020-07-20	INF-20200721-3251.doc	doc	518def77204a86e55289809beda7c491b0f9ab290b10d7b4bae1c670a0f69c8d	29.51%	Heodo
2020-07-20	Rep RQ620.doc	doc	f83e32a15080c0f31451809377046083d52daef3354edecea6db6ccf4158a43a	30.00%	Heodo
2020-07-20	Inf-2020_07_21-7572.docm	doc	68f85e639cf07fc84c8204cec1bd82fd8985d854aa17d02c89b58b255b98ed48	29.51%
2020-07-20	inf_20200721_780924.rtf	doc	a6ca24bb5b1de30cd63ecceac1727ca4102ed289d65fa05c550c4485e6ca372b	29.03%
2020-07-20	DAT-20200721.doc	doc	c0696d196c346305861f4e358f48f216dcdde4251309abed3547504007cb858c	27.42%
2020-07-20	arc 20200721.rtf	doc	616dde6dc6e22e28f4149e26996578dde114b40f896cee3cb36165d52ff70857	29.03%
2020-07-20	File-2020_07_21-022505.rtf	doc	1269bdbbc40be92cc1f13918a692b34fdfeec466bd7d872863ecc405ff38f77f	27.42%	ZLoader
2020-07-20	Mes 20200721 099.doc	doc	4d5d4a16ec11a850141a0a77026153d2a409bb4602e624623ee007e79dfd9639	27.42%
2020-07-20	List-98629.docm	doc	3b93eda94becc07130cb0b7b3bd4f351444c2a0810a9bd983913a4a5d833b3a5	27.87%	Heodo
2020-07-20	DAT-20200721-041763.rtf	doc	00593b1d3ba64e5ca39e6c503ab0f33dcade0d3afb65c2a73f2d4696cf8a7bb0	27.42%	ZLoader
2020-07-20	Dat 263.docm	doc	d28f9dea8c5837be7474d3735799da462ae74c0a0f3e7279a3eb8a50ba6183ee	27.42%
2020-07-20	Mes.rtf	doc	10e15c8850925b8f03210b06fdc2e0e87bd7339bf6a185992346e2063cbe1e99	27.87%
2020-07-20	DAT_20200721_3856947.docm	doc	f4295c97af0389a32cb42495d1b102a8e8698e5f107c50034cee1d0ef8735a1a	27.42%
2020-07-20	File_20200721.doc	doc	b431233adfd3e63e12727df15f9fd91134c9e87b1e69f570a87bc8b04561b060	27.42%
2020-07-20	Doc_48916.doc	doc	d06b767d98bec7fa338114b2e77b1db8b1a8962819fda91258575e6cc7910b31	27.42%
2020-07-20	Doc_YQG902.rtf	doc	aebb6c605f43479215ae38d93b7e2d6edc07769fa39cd79450d94a3fc2a50bb1	28.81%
2020-07-20	rep 151362.rtf	doc	a1064f658ecf514ba982b19196bb1ea0b7f1e85661c20777b3e93093510db141	n/a	ZLoader
2020-07-20	Mes-2020_07_20-FHN194587.doc	doc	dc83903be08352444bfd3116d33bda30da619c60371f037e0bd56f82a2a768fb	27.42%	Heodo
2020-07-20	Mes 20200720 69891.rtf	doc	ed29b479d20901bb285c8146d9a69a73a34eadaa4f6c86aca69aeefe96f4fe0f	27.42%
2020-07-20	arc 2020_07_20.docm	doc	cbe8fa6812edba1a4e2b1fe7c30f6cbf05f21e5935e95ecbdda6d3f5d3b6de9e	26.23%
2020-07-20	inf_20200720_3843673.doc	doc	d15b22e83039303eb5d1e6301196c50e06877bfd99caa5ab3fb87f1d7d91fc0b	n/a	ZLoader