URLhaus Database

You are currently viewing the URLhaus database entry for http://angthong.nfe.go.th/753976906install/ew0-541-30606/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	271662
URL:	http://angthong.nfe.go.th/753976906install/ew0-541-30606/
URL Status:	Offline
Host:	angthong.nfe.go.th
Date added:	2019-12-18 13:31:08 UTC
Last online:	2019-12-24 02:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-12-18 13:32:03 UTC to abuse{at}totisp[dot]net)
Takedown time:	5 days, 13 hours, 21 minutes (down since 2019-12-24 02:53:56 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-12-20	INVOICE VO881_62284.doc	doc	db8e444c711cef67b19c3c153ae825882c400ee7e7fc1c3aed6412d701e62bb3	29.03%	Heodo
2019-12-20	invoice_X196_23689.doc	doc	b554687e67437c34ba161bf732d8c04112d581e589a111f9a45772172f3e4f1d	28.07%
2019-12-20	Inv YLR290_80931.doc	doc	bf01172cddf77c0603bacf6e680d1cab2079dc3286de51c482be408c20c236a8	23.33%
2019-12-20	INVOICE GOJ750_0910.doc	doc	f4bbbc4da5a28f015bb779c44f4387bbd0f6fd0b67104e4e3c043fc9d1de03a7	22.58%
2019-12-20	INVOICE-OC11_44.doc	doc	851b896a27a840ed2aefd9b109e320f08fe2077f47fe545aa9f6894cee342bd8	22.95%
2019-12-20	Invoice-NHD840_316.doc	doc	8e6e1845b87676c69b6f2b41ae820b16ed738fcc5bc8f19db5f1e5c004c31862	24.59%
2019-12-20	invoice IJ81_91.doc	doc	e8f4adbc33575dfdc6cc8046ec0478baee34237bda285c3e9fd4798aea4ea516	37.10%
2019-12-19	INVOICE-TUI29_19520.doc	doc	18d783c0e60c476cf900850e6a3e4402ff66e1665d70e3969111daf23e83d103	35.48%	Heodo
2019-12-19	Inv_L676_9754.doc	doc	4a27ff712c8357a71de39f7145a2d7d507c4307740f4926edbcf3dc5c04da625	29.51%
2019-12-19	INVOICE S59_5566.doc	doc	87be47eb44b548bcf19b0d1b0d66666f3ae61b8a6f728ed9c5cd38a28d2096d1	29.51%	Heodo
2019-12-19	INVOICE EKX17_83818.doc	doc	c81fa6a0d384474c75454f40007dee1c7c00275f1e049246ba3025a46be69bca	29.03%	Heodo
2019-12-19	Invoice-SO13_159.doc	doc	cab696d2c8bb5158dab72ca062d69416c2d2e91231bbf09cdb49eadcf557c98b	31.15%
2019-12-19	Inv-QI784_384.doc	doc	d3a47fd928e039e74aa4b0679efcdd9bec08262a9376ce1250d046d1002f057d	31.67%	Heodo
2019-12-19	Inv_VTG896_54423.doc	doc	85b1d02279a15d8613bee732ef60c217f623f8447308e61e9cc713f5d65bfa44	32.20%
2019-12-19	Inv-F31_09584.doc	doc	0208cb1d62bb0797e256c4c55b25e87e50b767223749649ee46edac6c67d9b54	24.59%
2019-12-19	Inv_SZ25_51171.doc	doc	f5243c73d53726bb52ebb46b99fb728fefd35ff8f34e8047624b78ecfd15d91d	22.58%	Heodo
2019-12-19	invoice FQL85_63.doc	doc	50502b1309e5510dc666c2dd81f978bacd097de74ad3839f00cf37bd162c193a	27.42%	Heodo
2019-12-19	invoice DML46_40738.doc	doc	74eefd0de4d3fbf6ab471fcade6b5883135744fc85f876bdc446f9262fe16e2a	24.59%	Heodo
2019-12-19	Inv_XBN03_871.doc	doc	4794705e3b14bb04104db0a8f1970880570d2a68f86f73f1348161fe35999468	22.58%
2019-12-19	Inv-CKB759_48048.doc	doc	d56126c1a995b08b9a058de9101b8017fbcba9450ff193263a59aeb19b52c190	22.58%
2019-12-19	invoice VQ09_70425.doc	doc	afa118fb028f99925a4dfcdb486daea725e1a1143c16905ca1133478d6b82cc7	22.58%	Heodo
2019-12-19	Invoice_L74_262.doc	doc	826145f8cd7d41889db4b1423dabac9725d7b7f665aac33dce2b1252cf1e6b43	27.42%
2019-12-19	invoice_RQ72_14558.doc	doc	25a29c462340890313dcd127d3831fdfb15f53c202ae7e9994994f75e9f0c13a	27.87%	Heodo
2019-12-19	INVOICE_OHI389_1835.doc	doc	e5f1a582de4635159d5f72058d57f15f832ea11f8def148197b632790bb22ec2	27.87%
2019-12-19	Invoice B739_59475.doc	doc	1316399f83cd2feb390a8416d544825ecebcdb410cdcc9bac129e86a541c300b	26.67%
2019-12-19	Invoice-JJL66_25.doc	doc	efc63c54fcad9a31e5861a998a765a7f9e67a409fbd30309c6bc39d370c2ff87	22.58%
2019-12-19	invoice BS992_07.doc	doc	3b1c9207eeebd276ffe9e27a7e40dbba142970a416aa5adcd4b6655cb5eeeeab	26.67%	Heodo
2019-12-18	invoice-W437_15.doc	doc	641829a4ca6829e1f8d92e69d5b81ac91fa99655e4667aab0476ec546f83b2e1	26.23%	Heodo
2019-12-18	INVOICE-BMB623_276.doc	doc	3296ebb9128f8e0f94ac37f3ecf45fe5e51aeb840602030db4ef35c257326e1f	26.23%	Heodo
2019-12-18	Invoice G419_623.doc	doc	e6f94030c55e6b0efd8f98cd9e3127ff431b89b6f8211560edfbcb49f1924364	25.00%	Heodo
2019-12-18	Inv_D674_330.doc	doc	db1afb0cb6d67e9f10fee9d59aa1e9fdf67960b6aedd49454bf31accf524ea8e	26.23%	Heodo
2019-12-18	INVOICE F370_80194.doc	doc	6d78d247c25603598357c7c652a7ef77f8ab908fd1c3536dac5dd0756c260baf	22.03%	Heodo
2019-12-18	invoice-BB972_944.doc	doc	099d9114cf9b28c2283d5da4550cec51027a271f0773a2af0f45e9249ee2da81	26.67%	Heodo
2019-12-18	INVOICE OS979_253.doc	doc	e79f6c7e4e78af1d8bdf1c9588101d86ce41d820176c1fd9b587913fc7e64f26	25.81%	Heodo
2019-12-18	Invoice_DXM00_43.doc	doc	d22c8e86b7d5db3a413c4879c66e490f4914ea9a1733a3a6f5dcd23d664121e8	25.81%	Heodo