URLhaus Database

You are currently viewing the URLhaus database entry for http://lavi.com.tw/lavi.com.tw/INC/1ZLzMXO1socxzP0/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 762098
URL: http://lavi.com.tw/lavi.com.tw/INC/1ZLzMXO1socxzP0/
URL Status: Offline
Host: lavi.com.tw
Date added: 2020-10-28 18:54:10 UTC
Last online: 2020-10-29 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-28 18:56:18 UTC to abuse{at}asmallorange[dot]com, eig-abuse{at}endurance[dot]com)
Takedown time: 20 hours, 8 minutes, Good (down since 2020-10-29 15:04:52 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
