URLhaus Database

You are currently viewing the URLhaus database entry for http://bestcloud.bestcom.com.tw/bestcloud/lqyvcmwnegbakc4ui0hcglp6qts6p/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 765373
URL: http://bestcloud.bestcom.com.tw/bestcloud/lqyvcmwnegbakc4ui0hcglp6qts6p/
URL Status: Offline
Host: bestcloud.bestcom.com.tw
Date added: 2020-10-29 13:34:20 UTC
Last online: 2020-10-30 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-29 13:37:08 UTC to hostmaster{at}twnic[dot]net[dot]tw)
Takedown time: 13 hours, 26 minutes, Good (down since 2020-10-30 03:03:53 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
