URLhaus Database

You are currently viewing the URLhaus database entry for http://phusonland.vn/wp-content/protected_disk/4t1r3fvf170t9eo_j514bab3dbfqu_forum/91080804932_UTv5el8Fe5FE2/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	299148
URL:	http://phusonland.vn/wp-content/protected_disk/4t1r3fvf170t9eo_j514bab3dbfqu_forum/91080804932_UTv5el8Fe5FE2/
URL Status:	Offline
Host:	phusonland.vn
Date added:	2020-01-27 20:43:20 UTC
Last online:	2020-02-06 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-27 20:44:03 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	9 days, 8 hours, 3 minutes (down since 2020-02-06 04:48:02 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-29	MES.doc	doc	b092142d9f04ca524e6a503fce42f889811ed93f8be0719e2f8997ff614a3659	33.87%	Heodo
2020-01-29	File_2020_01_29_X0170.doc	doc	ff03bf7f9376aeaf634321eda33cdb1c854770422c5c08b7997dcf6d93b8feba	32.79%	Heodo
2020-01-29	doc_261613.doc	doc	f794730342329d1ca756e53becae5be97d1f5fc5628dc8dd371111d0d8df96c3	32.81%
2020-01-29	MES.doc	doc	49725f6641477d5fcdc1933e66eb652922a1e1264277a6aef8069967eb0084f0	30.16%	Heodo
2020-01-29	Inf HWA932747.doc	doc	8dc40d99f92dd1c2ff5556ae1ece5c86052c849ee3b1c2d6f92a088e0ecd17b3	30.00%	Heodo
2020-01-29	file_2020_01_29_192140.doc	doc	7caba02f08e117aabc3a0f109c1e5d565c3fdf3aec3ae0c90d0d78a16b6c2a8e	26.98%	Heodo
2020-01-29	FILE 2020_01_29 1969.doc	doc	ec9b05ca4512e2e594339751e698ee57b1373c749a8c8b26cbe5c79dc1e978cc	26.98%	Heodo
2020-01-29	REP.doc	doc	535c5234dd69ac3a1a95e01ff9c97dc628806d9004c4c59bc93a9694d3d91935	28.81%	Heodo
2020-01-29	INF 851.doc	doc	0b0243567f8017cba7be007b4d797731af10a9c7e9971cb09881d0a646bf88a2	30.00%	Heodo
2020-01-29	FILE 2020_01_29 534846.doc	doc	66ecd1fbf53f10ac6f349605be071821abddb87b684dbf9e12b5add72eb5a61b	26.98%
2020-01-29	MES 2020_01_29 CK159533.doc	doc	a4edb0742bb50f5c20c88508ef0dd1028d985dcf0b9ced6c6c9bdf800e1c6748	25.40%	Heodo
2020-01-29	Rep-2020_01_29-738.doc	doc	2c68f8e2764dd94c2229034f644bf7cb24cd34b1fa153e999d321e0e4eb8e73f	24.14%	Heodo
2020-01-29	INF_20200129_0699.doc	doc	1ef6105a74f740cf1d57a9669a882f56dce5e41b6ed9f71ffbebec2a9f17e586	24.19%	Heodo
2020-01-29	arc RUE8947.doc	doc	c2b2cd3b90f72db2fc325fdac1161626765153b7cb874ee42bea9fe3caf0eb6c	25.81%	Heodo
2020-01-29	mes UYB74956.doc	doc	fb8b1e69574f8ec2121b612f1339a516d01536a2174f432585e94c98fba7ab8b	44.44%
2020-01-29	rep-20200129-5426.doc	doc	b40831be7daa247208f2f37c223101e825eca3eaedbae7a72de040e21852ae00	42.86%	Heodo
2020-01-29	list_2020_01_29_F11713.doc	doc	8c05cb88caacbc8eb0e4a1e79a0d1a707959b45fb39f5e694923b6b069ebce75	43.55%
2020-01-29	Doc_2020_01_29_V848.doc	doc	d0587297f7b5699b364592f59c0d93057b42defb42c714d6381d54a6142953ed	44.44%	Heodo
2020-01-29	File 20200129.doc	doc	85359d87138be58de0c049e5c520f4de37adde9310893971769a0c640ba0a0fd	44.44%	Heodo
2020-01-29	FILE 2020_01_29.doc	doc	99f4cbe6a9549c0dd8d99cdbee3c8ffe2c85d61f8a3cc94d1e57a962e4497be1	41.94%	Heodo
2020-01-28	file-2020_01_29-0559548.doc	doc	3184cbfa34c1ffcc3a308983dbff824aa454bb50b733e4cfd2cbb343030b9d6b	41.27%	Heodo
2020-01-28	DAT-2020_01_29-SB450428.doc	doc	8b8474795d9bdbc5d8247db653044a519fc7895540dc1f99c035f20657232fe2	39.68%	Heodo
2020-01-28	Dat_20200128_WR35337.doc	doc	fb2b108e0a60dd86b0478caee0c19cb0056953fbfdf00e100184e1a53a031948	36.51%	Heodo
2020-01-28	mes-2020_01_28-3246138.doc	doc	4f0657b4834de2757799949da41f3ed5391b919f6539122e9dd06523c75df20b	36.51%	Heodo
2020-01-28	Doc_20200128_T5050.doc	doc	76288b03aada28f313d41a8856e42320372dfc03b255335b3d8c0427cb01c4a1	31.75%	Heodo
2020-01-28	DAT-20200128-FTP767.doc	doc	e973fec4c3e5b5f599c5defe0c00df33eae0e9b00f1f8a1d8f9479d4e343e446	25.00%
2020-01-28	Rep-Y7310.doc	doc	59428bbec1459b7f3517f508013242a3dd7f4dbdee059380b5ff1c265abc6197	26.98%	Heodo
2020-01-28	rep 20200128 448284.doc	doc	894514926b92fd7ef2300717c7110a6a2aa938dff494d0d40fec8d927317cc34	24.19%	Heodo
2020-01-28	Rep 20200128 A553220.doc	doc	64c30e8ba595e7f8c199ac4f03b81d2e6c2f944c4c4f8a4bcdc8521f915771d9	21.88%	Heodo
2020-01-28	DAT 295723.doc	doc	ff3030128824873fe504c15ecf0cd7b700b36b02bee75fad21ac9d45ea20fa58	30.65%	Heodo
2020-01-28	Dat_2020_01_28_0422.doc	doc	e3ba2559956e5915407cc1fb85cbb6d4a50bfb9d028a5ba9dd33505953aa5ddb	29.03%	Heodo
2020-01-28	List-3384.doc	doc	1ac8d894b4e2be7cb2d7fc3dee2346677c5fdc5871be74589848518155c5ff8c	25.40%	Heodo
2020-01-28	File_20200128.doc	doc	c5666d80df3d2361122568d511e336c58a58b27576a1cd78b434c425d8b2e809	22.58%	Heodo
2020-01-28	List-406653.doc	doc	256954bf735b73749d5fd67afbf6e789abb356f02cec192954e129996801d642	22.22%	Heodo
2020-01-28	Dat 2020_01_28 661443.doc	doc	fd375e3e635e2233a2c582c4aa48c277ad9d0bc9b9b8d498d9c632641e894c30	22.58%	Heodo
2020-01-28	inf-20200128.doc	doc	0827a2ab4aa1c0caddd493489b6197943bc03b6da0d9f52c54071449dee6538c	n/a	Heodo
2020-01-28	Mes 20200128 3382.doc	doc	33d3ef3b1fb0f8ed8ed87b487e184b207ff302b60481dac9da9487ca210247e9	n/a	Heodo
2020-01-28	Doc 43850.doc	doc	20cdcb97c92b8c58397ab1170823f96ce0db2c3e93d4859bd06fb23302687d30	41.27%	Heodo
2020-01-28	MES-20200128-NKF365668.doc	doc	f79992105131cff7dd4570db1648129b246323085d2843087e402a966d52503a	41.27%
2020-01-28	inf_20200128_OQ157395.doc	doc	c13b52eb583794eb0a50cdcaa031505507d999bc95725e77c29eb6b1adcfffa8	n/a	Heodo
2020-01-28	dat 2020_01_28 RZJ593028.doc	doc	a021057a2d983bc13e1f6b1516cac0041546aa046e6822c87e09c6c8ba870b1a	n/a	Heodo
2020-01-28	inf 1518.doc	doc	15e7acb25aa2624c378b3a89937810c058af5ebec4e48fd733ccb400b783b1a9	36.07%	Heodo
2020-01-28	DAT_2020_01_28_DQ50974.doc	doc	3927da4014a56e521774e33625a1ac60e65e39edee26dca5fc703fc240bc0c99	37.10%	Heodo
2020-01-27	ARC-2020_01_28-VI38568.doc	doc	010557b57dc7eed6705961196595b0ee3d067ad35d29cf8d4a7c8ee9de520077	32.26%	Heodo
2020-01-27	doc_2020_01_28_NB028140.doc	doc	2d501d68c1e225c67050206bd812c1f22671ec54a92dfad493ac47c632194301	n/a	Heodo
2020-01-27	dat 2020_01_27.doc	doc	5560e84be15cbee1d2650beae5cb19cb082942dbeb4a2dd9bb21bf836ca3fa59	29.69%	Heodo