URLhaus Database

You are currently viewing the URLhaus database entry for https://ruttiendaohan247.vn/iijxFWI/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	299688
URL:	https://ruttiendaohan247.vn/iijxFWI/
URL Status:	Offline
Host:	ruttiendaohan247.vn
Date added:	2020-01-28 08:49:34 UTC
Last online:	2020-02-17 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-01-28 08:50:03 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	20 days, 6 hours, 59 minutes (down since 2020-02-17 15:49:32 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-29	invoice_F334_001978.doc	doc	5452b9448c3310adaa86f6020c32d6ae4727fce5049f613ad9242e2f35e94eff	22.58%	Heodo
2020-01-29	invoice GILO705_01069143.doc	doc	41ef384c11051e3b98c409f476aca9a2f5a0433e0cb411f547133b5d5727044a	31.75%	Heodo
2020-01-29	Invoice_DDOX969_146701.doc	doc	8f114fa9732298d525aa216d90905f24142f129d79e62500f139a3c09db00fd2	29.03%	Heodo
2020-01-29	invoice-977_1732324.doc	doc	3bdbcccc69e55ca69203cb80868675eb9aed4e2e9f880d181e51bb341905b8b7	28.57%	Heodo
2020-01-29	invoice NSTE7058_94225940.doc	doc	8a502f32c4e9b027761b883615a99071262858fe124e0f76a51ee65583ff4c59	27.42%	Heodo
2020-01-29	Inv-LS307_2536013.doc	doc	7522a47f398818f54f95582e8d122a7bbd81f69c9807cc61fa12d0fc15a2e39b	27.42%	Heodo
2020-01-29	invoice ZE1_4875560.doc	doc	ae350e475f5f34203313d523d6a5b8eec86357ef06ca6c9cc222d2c353506387	27.87%
2020-01-29	invoice TJ5912_9730256.doc	doc	67180fabd5a9287998057cd7666b1b8896941d37ba3bca1e197e27b447edec6d	25.40%	Heodo
2020-01-29	Inv-NVVD38_269746856.doc	doc	e8eb03b874c14f0429931aa7f367e9b480b593c28963c964049ea04f6670caf9	30.16%	Heodo
2020-01-29	INVOICE-K9066_29685548.doc	doc	b9b47debd4d9fb932401d580847e8c3f82b770c5163dbc7d405aefb5cc704a1b	31.75%
2020-01-29	INVOICE_5204_15298608.doc	doc	7cf8f24d7e8b1e2f63bfa7a18cd420a03fff44126e80aed8cb90fba3c4e986ac	52.46%	Heodo
2020-01-29	invoice-XCN1_896135.doc	doc	11b4519b76957b0758381f8e19c5e15d8744f7974716642aeb586c615dde38fa	48.39%	Heodo
2020-01-29	Invoice_BH7747_758123.doc	doc	bdcef0f16c70086414ff95b69fdbbe7eb0c9814308d3d60143b6c04dfc077257	45.31%	Heodo
2020-01-29	invoice-6872_2692673.doc	doc	ea3a0a223474592635d1fb7a0731dd28a96381ad2562e3e064f70e2d4830c39d	49.18%	Heodo
2020-01-29	Inv IBVW1_16147371.doc	doc	01dc8f2a419b640e733d067267aee6135ea117fa9704348547a0a2a0cc32926e	46.88%	Heodo
2020-01-29	INVOICE_ZEJ13_41438569.doc	doc	2fd056e58b1cd8701682d939465220b59c924a7056756daa30029fdb28defceb	28.12%
2020-01-29	INVOICE-KP70_99042265.doc	doc	0d1de45954adee600bf2a41e5b1de25ba4ead4b3938d1c987f6bdf8e48fb9a42	43.55%	Heodo
2020-01-28	Invoice_01_17940401.doc	doc	1f826649cf4d7894c52b645fe736ff139ff80f0e72ebad38385e8882bc545ca8	n/a	Heodo
2020-01-28	invoice A6_42001464.doc	doc	0617b35ff84886cd395bbf20745f3b82a830d97b07b0085b0f4aa056bcd57cd9	42.19%	Heodo
2020-01-28	Invoice-RHOW88_8210350.doc	doc	b7109568a2beba7e63236e9fae5d014d43ea3164de3e4149790c89356b10766a	39.68%
2020-01-28	invoice_M194_5355981.doc	doc	f635c4a870ec9061d6d0d75ad2909b9c7ebe4f21dda6a4c359211fe146df925a	32.26%	Heodo
2020-01-28	INVOICE F40_62234015.doc	doc	e8c780bbb1f9fd071b00776b138b3cf27c3815c7203593068e78774d4dbdb36a	30.16%	Heodo
2020-01-28	Invoice-HFIM40_734199.doc	doc	92c3a1a03abdc8976c1b9e1b200a2b08e114d2e6dfa54566f81f16a2671e9735	26.23%	Heodo
2020-01-28	Invoice OYI37_048751499.doc	doc	c17c75821c89a7ad0099092a5b55fcc514e74124e43e60fcf669de6436453b82	23.44%
2020-01-28	Invoice 23_8408795.doc	doc	9db28f01c7a26ba6a757542ddb44145a167395b639df0eac4d9f48a926d8f810	22.95%	Heodo
2020-01-28	Inv-8_524949.doc	doc	58cd4f0ffbd2cfb01f153efd0e8560a2475bc3f98abaf8ed787f8fe17166524b	28.07%
2020-01-28	invoice GZ15_04901335.doc	doc	a6b9f25b3f632a071e548d1e092d8557eedd074094e5e1a2dd684a724fb07fe6	26.98%	Heodo
2020-01-28	Inv-PQ7_777173360.doc	doc	fcdf9154d769d5e1f3935355b39b57010d978fd2dc9ad24a1df12131f7d34155	26.56%	Heodo
2020-01-28	invoice HEHK584_987761476.doc	doc	f011df38b6175454072fad95688f1773f09e969da619fb4cc7fbeb84c4f17ea1	23.44%	Heodo