URLhaus Database

You are currently viewing the URLhaus database entry for http://thelavanyabanquet.com/cgi-bin/Documentation/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 440815
URL: http://thelavanyabanquet.com/cgi-bin/Documentation/
URL Status: Offline
Host: thelavanyabanquet.com
Date added: 2020-08-25 08:35:21 UTC
Last online: 2020-10-10 06:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (Ticket DCU002891032 created on 2020-08-25 08:36:05 UTC)
Takedown time: 1 month, 15 days, 21 hours, 59 minutes (Bad; down since 2020-10-10 06:35:23 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
