URLhaus Database

You are currently viewing the URLhaus database entry for http://topgas.co.th/lthJk-9l1PUQnCptcE7D_OXJdrcYg-yCU/ek3ds-8f03yh-glif.view/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 154489
URL: http://topgas.co.th/lthJk-9l1PUQnCptcE7D_OXJdrcYg-yCU/ek3ds-8f03yh-glif.view/
URL Status: Offline
Host: topgas.co.th
Date added: 2019-03-07 17:54:09 UTC
Last online: 2019-05-15 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2019-03-07 17:56:02 UTC to ip_admin{at}csloxinfo[dot]net)
Takedown time: 2 months, 8 days, 9 hours, 16 minutes, Bad (down since 2019-05-15 03:12:45 UTC)
Tags: emotet, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
