URLhaus Database

You are currently viewing the URLhaus database entry for http://phatgiaovn.net/FEOD-XWKz_x-EH/MS095/invoicing/En_us/Outstanding-Invoices/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 109504
URL: http://phatgiaovn.net/FEOD-XWKz_x-EH/MS095/invoicing/En_us/Outstanding-Invoices/
URL Status: Offline
Host: phatgiaovn.net
Date added: 2019-01-24 16:31:30 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-01-24 16:32:11 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time: 19 hours, 57 minutes (Good)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
