URLhaus Database

You are currently viewing the URLhaus database entry for https://catba.goodtour.vn/wp-content/plugins/adventure-tours-data-types/assets/fonts/DOC/fouVaiw5pTL/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	188387
URL:	https://catba.goodtour.vn/wp-content/plugins/adventure-tours-data-types/assets/fonts/DOC/fouVaiw5pTL/
URL Status:	Offline
Host:	catba.goodtour.vn
Date added:	2019-05-01 05:55:05 UTC
Last online:	2019-05-03 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-05-01 05:56:14 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	2 days, 4 hours, 10 minutes (down since 2019-05-03 10:06:31 UTC)
Tags:	emotet heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-05-02	INC_007863731578US_May_02_2019.doc	doc	71bc0919dd2d7b84656383c07b7ea006e3c3e303c80a3d4b309485417aecd634	30.51%	Heodo
2019-05-02	SCAN_257343200057US_May_02_2019.doc	doc	b0ac55a9a3533916702fcb365a321abaf4990b73459a2fd1a32a3378cda957ed	32.26%	Heodo
2019-05-02	DOC_670873429795US_May_02_2019.doc	doc	c4bb3c6de8d16d8d68841fd2fd8230fb13d8f7c51feaced318d5f41c78f15da1	n/a	Heodo
2019-05-02	INC_169972874637US_May_02_2019.doc	doc	05a8d63623061e357e6537d32e097ef07f792fbfbdbb534d37533e5f9632c5ad	n/a
2019-05-02	Document_930473228709US_May_02_2019.doc	doc	8e4a311d2368b3ef3374691d891e860542fbcd33a8c5df81d9264762449a41a5	28.07%	Heodo
2019-05-02	LLC_9232494973US_May_02_2019.doc	doc	17f4ae8fba484e7fb87c16216ece4622556d70db4d807d8b0a4ac207eba7d015	35.00%	Heodo
2019-05-02	INC_733908602920US_May_02_2019.doc	doc	8849cbdb89ef44865f23e8745eee176d529ca564c20c66da99aa5c04db555ec3	35.00%	Heodo
2019-05-02	INC_7656405087US_May_02_2019.doc	doc	e39ace0837155e85d59f5059bfe202ba3de02a88c848a6067c9965cadb79c5ae	36.67%	Heodo
2019-05-02	DOC_96951901215US_May_02_2019.doc	doc	677e0cc93380965dc2a1f323cf07e84848fcd41950daf4158e244113536896ac	n/a	Heodo
2019-05-01	FILE_864484323781US_May_02_2019.doc	doc	07ad82ee6f552024b89e9569759078672295762694af017f35f64bb7284b93c3	35.00%	Heodo
2019-05-01	LLC_59287516163US_May_02_2019.doc	doc	438757f58f956c0bf3c4d88c3270f25c6bef6cc6c7599d01e2050871e1c7cced	32.79%	Heodo
2019-05-01	SCAN_4279666068US_May_02_2019.doc	doc	1f4a46bf19d090bee1282d5920e1ce502620c0a50cb4d5165d735d5b52e4a79e	33.33%	Heodo
2019-05-01	DOC_5207757077US_May_02_2019.doc	doc	f28f62f33ff6ea0d8d9708e54142e83603afe0bcdcf1206bca2f2dfa00e05b0c	n/a	Heodo
2019-05-01	INC_37515176942US_May_01_2019.doc	doc	571210656adbfe8cde574bb15f96232169cdfb487f4597ce1a4532c7a0258f46	32.79%	Heodo
2019-05-01	SCAN_5829479865US_May_01_2019.doc	doc	f9aa8059e3a7418a2e686036ca8198cde4ba026f1d0b05ba2a32774825fb71a8	32.79%
2019-05-01	LLC_362317391824US_May_01_2019.doc	doc	3b338a2b75997eba6f9666aaea6f422da3e38754657f4be7f7e0e9967c479a63	31.15%
2019-05-01	Document_5102260318US_May_01_2019.doc	doc	60fef10a83e873748b44cf932f3e0fa0a0d891f414e591696daeefc00f0d01c9	31.67%	Heodo
2019-05-01	INC_263344422299US_May_01_2019.doc	doc	dc49d2d7421719050d62368d665c84629bb08d6874ade0bb8940f133b619d9ae	31.67%	Heodo
2019-05-01	DOC_65493908316US_May_01_2019.doc	doc	930cace84e8704d5385df2db7557c7d3b2a183de3ffad0d3a51291745b4f9f39	n/a	Heodo
2019-05-01	FILE_64998607958US_May_01_2019.doc	doc	1a6641086b78035d6c9ba38c7199aac02d37dafbadf96059a81b6f4c35e49f84	26.67%	Heodo
2019-05-01	INC_98644499448US_May_01_2019.doc	doc	68e686c3f2b87d3169766ffe4bba021a8acd7648ca38c6c75be829a864558ecb	26.23%
2019-05-01	Document_349494271646US_May_01_2019.doc	doc	42981d37b50801d5cdc23d5d9f0a1e0e20f3787e24c4d20f606d2250ce5bf804	26.67%	Heodo
2019-05-01	Document_5091816165US_May_01_2019.doc	doc	6f926261cf70832a6f3332c727eb674da29212109a968a25cab4cb92fced7694	25.86%	Heodo
2019-05-01	SCAN_582897412650US_May_01_2019.zip	zip	47cd845b9cacc3be6d25991de747cfeccadd39700feaf7571fc11aa7717e90d3	n/a
2019-05-01	DOC_6024624553US_May_01_2019.zip	zip	376c2c25dac81450b61964817589152268e8d43c97b8cbb1c8c943fb24879d2c	n/a
2019-05-01	LLC_09419739321US_May_01_2019.zip	zip	336263f75e817705c4fb3656323abea679f9e4ac63ac79124fb89d0e636af5fd	n/a
2019-05-01	LLC_87351253738US_May_01_2019.zip	zip	8ae3e2de7c8cb5029a59a3a59ffacca734d04d67aedfbd7022f216a947573884	n/a
2019-05-01	INC_04486282977US_May_01_2019.zip	zip	b9e6ff0a30cb3e64012ad4f7076ccf6ee5624c0390bea7839fcd1bf189adb93a	n/a
2019-05-01	FILE_30976088198US_May_01_2019.zip	zip	45b6b2327f4edb094748c5be2995054f0514352b1fde4b1e28ab20d75857b59a	13.33%
2019-05-01	SCAN_13336081755US_May_01_2019.zip	zip	c98ce136d5181c0322a69563a9e5867f5af41b391631415e70853d74824e36e7	n/a
2019-05-01	FILE_829600941042US_May_01_2019.zip	zip	8b4219bd79136433aa011412b6214d5245d267c527db10c46290d706bb4c1c47	n/a
2019-05-01	DOC_0199127038US_May_01_2019.zip	zip	fc8f439fcc8cc4a9873d3c573fa74c638dfd989571c612566603e1defaed67b9	n/a
2019-05-01	DOC_0835485769US_May_01_2019.zip	zip	8ac49ef862634a339e2573351b84e064e9d6ded404b81cbf4bc87a8b4e089551	n/a
2019-05-01	LLC_281835452625US_May_01_2019.zip	zip	6f5f7dc45a527b3d61c13a1318aa76ec86961923e3012c56d94fe7aad38d94a6	31.67%
2019-05-01	SCAN_089837481613US_May_01_2019.zip	zip	8ce51fa1047a78104ea86385af30712549a6b24225d5f3625edffee98ad002fc	n/a