URLhaus Database

You are currently viewing the URLhaus database entry for http://lavi.com.tw/cgi-bin/docs/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	539096
URL:	http://lavi.com.tw/cgi-bin/docs/
URL Status:	Offline
Host:	lavi.com.tw
Date added:	2020-09-16 23:27:08 UTC
Last online:	2020-09-17 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-09-16 23:28:06 UTC to abuse{at}asmallorange[dot]com,eig-abuse{at}endurance[dot]com)
Takedown time:	11 hours, 25 minutes (down since 2020-09-17 10:53:10 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-17	XHX_090120_SFO_091720.doc	doc	3f70f108975c931a23d9f23fcbfe728d93f6f0b096014280234067b0c54d44bd	n/a	Heodo
2020-09-17	REP_PO_09172020EX.doc	doc	a646a759b53cde465f66a1cabf6363c9b826f10073a766cdfff2a015168ae2dc	n/a	Heodo
2020-09-17	L0C2CG5VPGRE.doc	doc	08ea41da443b28325813eaf4915479f7b46fb810c9abb7ff732f3da617f9aaa4	35.59%	Heodo
2020-09-17	BAL_PO_09172020EX.doc	doc	dfc124f5ed8d3ebb78c8d924921f3195fc05cc1aa1a635e51161dcbe1106a386	36.21%	Heodo
2020-09-17	FILE_ATJ_090120_TRJ_091720.doc	doc	9bf20dfb53d447d25176c2839e17ba601117c7a1a4f051777df513d7641ebd80	30.51%	Heodo
2020-09-17	BAL_VTQP7BL3H.doc	doc	425cf69c1c8cf4327ace3bad807a83df91fcc0692bd45dca12e840eb562931d9	30.51%	Heodo
2020-09-17	REP_PO_09172020EX.doc	doc	fb1da662dff89db69ca276e03a883c96c5089932488e637ff60637aa73d876b6	n/a	Heodo
2020-09-17	REP_GHS_090120_SMY_091720.doc	doc	e82e2f66ed32cd20f0d00ec484e270ab47084cb2fe8f88e1f00b9eb507e30168	33.90%	Heodo
2020-09-17	FILE_673051675807598562278.doc	doc	4cd9f43484e69a009522a8853514539c74fa5b59f03f86c34a85037ff3076a55	n/a	Heodo
2020-09-17	XVRE_53220226.doc	doc	fd0f987936c01acfb91bb84e9e9c3e6f425f55d07887f14ee595ec418d252849	n/a	Heodo
2020-09-17	DOC_RFT_090120_RPS_091720.doc	doc	51d460db7db57fd212907c9aed23bba4891c43175f73978da2c791c60a412c43	38.98%	Heodo
2020-09-17	TPRN_PO_09172020EX.doc	doc	595abb95ad8bea9fcd875fee5c21baaf5f829e997eb430384a8fd7f43da2e0cf	38.98%	Heodo
2020-09-17	FILE_PO_09172020EX.doc	doc	a447525577ebe9462e1f3c514c317bdc4f1a1ddfdcff9e781d6a1fa8c4c3935d	38.98%	Heodo
2020-09-17	DOC_PO_09172020EX.doc	doc	c77010ecb3ef7c24c3c94a923eea805df5460a008b8cb15a2a7c58683055c738	n/a	Heodo
2020-09-17	BAL_PO_09172020EX.doc	doc	d15ec5002184364b882e5c3dc5c4fad1d083eeac52de352b2d263205c92e3165	41.82%	Heodo
2020-09-17	FILE_OPJNP7KEKUYSMU.doc	doc	83208fd10a9c71a12a3e48e4231e27e17a061f6c741c37ec8ecec9050be6a811	33.90%	Heodo
2020-09-17	VVZ_090120_UIX_091720.doc	doc	f3905c73171c859ac62800e08e653b667959363d0f57538eb82202c92543f12e	30.51%	Heodo
2020-09-17	BAL_4840561910768214753958998.doc	doc	8bed6a4e027b38076c316eb5378c9d60d8fd9305217dba0e315e93974091667c	34.48%	Heodo
2020-09-17	S_EA1463205162BB.doc	doc	b4306a30afe6746f29ea38b3e2dca0704d5d3d18107aa1b8ca555bd35fa918f7	27.12%	Heodo
2020-09-17	1511971814898859279323.doc	doc	d9a35783bb245b622048384501eb1c30e098c547b4d3079e0c8d01e06336464c	n/a	Heodo
2020-09-17	O_C01C841LP95YZIXX.doc	doc	1a945df2c4c5399840e2cdcc623c15e12451e66db694d71f26bd718dc8628993	31.67%	Heodo
2020-09-17	REP_ILW_090120_ZFU_091720.doc	doc	7bfbc615a14c1b8e533da21f2d1838f5e3c52ada91bdcbe8b6574195850b9bf3	25.86%	Heodo
2020-09-17	PO_09172020EX.doc	doc	b1e7a7277e944331a98e7ae6a5910af8b595bf329d5da053469800cdf447f2c8	30.36%	Heodo
2020-09-17	BAL_10471122.doc	doc	6d9cad95f8aa3d8219f21391e294a8dedbde904308f501b7f4be63eb92a8dcf4	33.90%	Heodo
2020-09-17	S_SBHLNJT.doc	doc	76bf8d09a314a6ed1f11e8794d3027fcedcc3762677e37d8f7a304e4d370837c	27.59%	Heodo
2020-09-17	BAL_PO_09172020EX.doc	doc	ba46d0a65699ff5ec5670d31287ae8d04710450b5d267d9e4a2fdf0e94078194	25.42%	Heodo
2020-09-17	INV_90480259.doc	doc	409d5db4ee06957895e043e25c81a8d9b2438a172c248bfc3f149c6c947e3ce3	26.67%	Heodo
2020-09-17	ZL0158626736OT.doc	doc	2bc521550fad4a12b0bb8f34a8958db7b2f5b50e9f8579d30d814cee697ab694	25.42%	Heodo
2020-09-17	BAL_D8WHLBR18VE6MV.doc	doc	6d27f5af653565630751a1ab0faa64d0c28949cfdceef04b4c543a0b4a7666f3	25.86%	Heodo
2020-09-16	FILE_18815834193303.doc	doc	1ecaceaeb20649c823b3a63accf639925ba8e4c350b2509496c04dbd622d5d4e	25.86%	Heodo
2020-09-16	INV_ZVOSHJA.doc	doc	b88f5009f8b75ec0a35f549fa777d05a819b0ca478eedb65a7b0a9fd01d51e30	25.86%	Heodo