URLhaus Database

You are currently viewing the URLhaus database entry for http://news.leta.com.vn/LLC/2xof6s/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:731041
URL: http://news.leta.com.vn/LLC/2xof6s/
URL Status:Offline
Host: news.leta.com.vn
Date added:2020-10-21 20:49:10 UTC
Last online:2020-11-02 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-21 20:50:05 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:11 days, 16 hours, 33 minutes Bad (down since 2020-11-02 13:23:42 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-22V_PO_10222020EX.docdoc 838408d31e494e72b257feeec73407a2f778e6ecc47754ae16af0290515dc9fdVirustotal results 42.00%Heodo
2020-10-22FILE_WYA_100120_LHE_102220.docdoc 03d580e7110bd85d7a360ceb31538a967f59877402892ca04ae4859e4ea20e00Virustotal results 43.55%Heodo
2020-10-22FILE_DQ8765129215ZP.docdoc 9f65b2da9711ae073e9056684b032f224a74c70618847b58f9ba3f45149193fcVirustotal results 41.51%Heodo
2020-10-22BAL_BDH_100120_YRZ_102220.docdoc 892a53376594e2bdf65731771d6e7faa4d36e2d3b95340ac4984ec74536d3604Virustotal results 41.94%Heodo
2020-10-228360404590728852333.docdoc a3a88e1d35a8217720e9e2f632e2cedf4d36418f73975906de221523e0755eccn/a Heodo
2020-10-22725838058.docdoc 510f6a8a1701b5399083a1f7805f3d944b330676d573a3d33c1aa0ab3df91f41n/aHeodo
2020-10-22CA8513763176QB.docdoc 001639b7cc59c0a2584aa6a318a5f5b65adab079e516f81c1053efbd1feac7ccn/aHeodo
2020-10-22PO_10222020EX.docdoc 937c87496e98fe97075f0ae5ec35a64a75cc04b533f0a1a937d8a50096183519Virustotal results 41.94%Heodo
2020-10-22PO_10222020EX.docdoc f1b75f055d30296d38034c72181dd63a2ac852ba586b3c7236f0de970dc3a74en/aHeodo
2020-10-22ANSQ6BL326J781Q.docdoc 6e73ed5041166e3aa6f7ce070efab391259a868771d35fa7f6b8aa64d8a3065fVirustotal results 37.04%Heodo
2020-10-22PO_10222020EX.docdoc 80674fb8973e2a7ee31596d9105d1d897a92f7bbcbf6f07b3bf7a9444f71ca9cn/a Heodo
2020-10-22INV_YL0044304711EF.docdoc b7fca993ba0280a6ae9d376c6e08462489275971b8d09a4faa7194332be65937n/aHeodo
2020-10-22L_PO_10222020EX.docdoc 1b36e24bc21e77ea0265e4ace63c3a01d81857c004778ef463016dcf700eef5bn/aHeodo
2020-10-22REP_785470254308870609045507.docdoc a6540f229c21ccaf245ddbce5fea77f216483b5dbd6ca26ed2fa92997426d6bcn/aHeodo
2020-10-22F_250789400560646995646919.docdoc 51fc6f80bb24d135bba70ff8841d75b55f19f4d1d28fc06bc37592e9cbb9e795n/aHeodo
2020-10-22G_JUSHJPCRS2N3E.docdoc 5f797ffdf10fea5ee7b50bc74647cac73cfc4cef96e92d346c842e6cf3df339an/aHeodo
2020-10-22INV_AXJ_100120_LNF_102220.docdoc 8a2460eefaab1e7c970a1836dfc66aacd55610790f20f1074e9b30d4eeb71890n/aHeodo
2020-10-22INV_43922490.docdoc 04ef6e86afab0eba178323668014a554b793f440b011180d15429611da7858cen/aHeodo
2020-10-22PW_FM3018684543MV.docdoc 2c353218e1a20d8e435f57ae45682506c746562bae6f4761e2398d7caf09791bn/aHeodo
2020-10-22POZ_100120_NOT_102220.docdoc d846ca5a520f26f0d6c01d2033a9ad5f5a23deb72df286bc23fa92e4aeadeefcVirustotal results 45.00%Heodo
2020-10-225594156387.docdoc 9c0cb6e2390b59f199cd4dfbca2d6eb2106969b29ec8df33e4987474b80344eaVirustotal results 43.33%Heodo
2020-10-22INV_92367248.docdoc 7eaf0df9dd2a33ee958384a9472366f58f1c0a204360efea6a7f8b0d298560d0Virustotal results 44.23%Heodo
2020-10-22REP_55647195.docdoc 6916f815ae3094ba0e9c9f0464bbd05f8619ce4da774387e7b7df3e1d82330c5Virustotal results 36.54%Heodo
2020-10-22INV_FRU_100120_SZL_102220.docdoc fbb11ed6ce463e4a5598842961d2199f7264331418e806b4d15fa38b06600e7an/aHeodo
2020-10-22PO_10222020EX.docdoc a0ac35ec0ee3a97f79ecb953f29c1dca13fa5661a5df78ba82012b16c5b291d4Virustotal results 44.64%Heodo
2020-10-22FILE_LVE_100120_LDI_102220.docdoc 84f4bb653bce1ba25b6a2fa6fd300f406fa8b0cfa812b07794f3cc657e327a3bn/aHeodo
2020-10-22DOC_83451778.docdoc 3d37409bc0560c15a5641dc06d70f3eaefa42f6dd518a40ee05b1e0d37474b2bn/aHeodo
2020-10-22C_90723778.docdoc 969af7921bad722ff0f082e99bcb5d90218a2b64387e795508902aa64f7a351aVirustotal results 47.17%Heodo
2020-10-22CNW_100120_KWE_102220.docdoc bb66afe308a4f9aac368840effb767d5fec62db675e7d03e6f7d4b9dc52fd30en/aHeodo
2020-10-22BAL_970773634.docdoc 4b59c4db6b4d14e2dfe7730fe25ed0dc21bb251a5c1b053cdd70e28cfc195867Virustotal results 43.55%Heodo
2020-10-22ZZ7010075232IC.docdoc 06b7e31dc559bea806d24d61738a77de70118de926adc81fcbcdac1468c2bc1bn/aHeodo
2020-10-224402531488876125367212.docdoc ed5ed9c256dc24f5aeffc1b9b0e7dba316c5c13a1966b7243770318805567ec9Virustotal results 45.28%Heodo
2020-10-22M_11057985.docdoc d810adecb2a17cc42025465a49799119896605f16af88bb79a6342746b7cd8d8n/aHeodo
2020-10-22FIU_6444149469927995226.docdoc 455f8632f48a5ccc69cff5f9636f1457e4027d280f7cccfae6aed7fcc8bafbfan/aHeodo
2020-10-22REP_6034156883.docdoc 663caca913b5cdb6b0d552c6078f6f3617fd27e5239949b1bc7a35c3d399d717Virustotal results 50.91%Heodo
2020-10-22DOC_43385330.docdoc 56126f16e90d28b3bc7e4a1460c71bd6ffb7763f79d17ecc274e8c6988c8531aVirustotal results 46.67%Heodo
2020-10-22PO_10222020EX.docdoc f4485fe8056305da48ac8453716ea0fa9c6633da1a1f87e01dae3908da1bbbe6n/aHeodo
2020-10-221603336787.docdoc c343246a8b6df26e48dedc87a71762563be3e241ea28994ad1e2d0700b823f8dVirustotal results 46.77%Heodo
2020-10-22IJ3040477492YO.docdoc 486ec0b6be1825886bf09579218543b12ad5ee75da313f4aefe0f9ad0b027f89n/aHeodo
2020-10-22INV_KD0323183290PH.docdoc 638d64989d1dd97fb0243d59735dcc9441f106f3eaa6288d3c6e18a2b11aaef7n/aHeodo
2020-10-22INV_04318141.docdoc 974779809091abd8c5588e79c0ec1d34ab7f69c7c8da3120f35bda0ba1190deaVirustotal results 46.77%Heodo
2020-10-22BAL_XPN_100120_VXR_102220.docdoc 26675160f52f90a778a8e6489be6b67a6982742a192595c69b9d87e49e11cbf9Virustotal results 48.08%Heodo
2020-10-22PO_10222020EX.docdoc a1430eef6f6acc51cfc4215bd06407ebfc4f5ac126d9f05c27b3cf359dbb816eVirustotal results 46.55%Heodo
2020-10-22F_PO_10222020EX.docdoc 0b25fca35bd60d2257616a1c1adbf89fefba07969c5a0fc3aa22d3f43ad7c2f4Virustotal results 42.37%Heodo
2020-10-22REP_YS2LR5XD.docdoc 9b4d04d1dad15a8a798ceba5f12e03c81a04335dca8703f2e4790675688590aaVirustotal results 44.26%Heodo
2020-10-22ZO9813224903WS.docdoc dd44fd55293b9113d93ec32356861c6813ad6c23d399625147eb4ad930d71f24Virustotal results 43.33%Heodo
2020-10-22BAL_7LXJMPFVJ52C4ZO.docdoc 1a8e2f855156722a9170dfcd7a57dfa4d375973ea54bc2b85fca299010c4e763n/aHeodo
2020-10-21VHO_100120_ZVM_102220.docdoc 3af63f662ad3afb788f4f65538788a97811e2a45d869bf83d5ac6dfa9a2251e7Virustotal results 41.51%Heodo
2020-10-21YJ1215292033WN.docdoc 890535144da2084ee8e9431e6521be9719100cc5bec7679a4d7bdce3763a692cVirustotal results 41.51%Heodo