URLhaus Database

You are currently viewing the URLhaus database entry for http://clubplatinumnepal.com/css/personal_disk/close_warehouse/lugrc_ztt8/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	307944
URL:	http://clubplatinumnepal.com/css/personal_disk/close_warehouse/lugrc_ztt8/
URL Status:	Offline
Host:	clubplatinumnepal.com
Date added:	2020-02-04 11:26:07 UTC
Last online:	2020-02-17 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-02-04 11:28:07 UTC to ip_admin{at}csl[dot]co[dot]th)
Takedown time:	13 days, 5 hours, 27 minutes (down since 2020-02-17 16:56:05 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-06	arc_20200206_924.docm	doc	6ea2a78c140aa0a279726ad2f13c1cbc707508dc450760c6ba91ae5ad023a599	22.95%
2020-02-06	rep 2020_02_06 VYJ133.docm	doc	6359275fa65b551a691c324e03fa5c3c73ace835ca4f3d90087dc3332f76ecec	22.58%
2020-02-06	file_20200206_SLG185.doc	doc	7fe4afe59b087bf542c67a12ac54ccb89eab281656477ed8bfc41ebab0e0135f	20.97%	Heodo
2020-02-06	list_20200206_S717.rtf	doc	5c3ce056d5c4c031e62f29306f27698d258d673ab890eaf2c2bd06487933aa00	n/a	Heodo
2020-02-06	LIST.docm	doc	fa37e0cba4786db4ba847c2e4f9b4ee78aedbf0eea4491228705fc00980af4e8	32.79%
2020-02-06	mes_2020_02_06.doc	doc	482157c417b079c676484f07bfe8a5904e393be4f53fae3e56942fe904d5b42a	33.33%
2020-02-06	doc-20200206-Q34262.docm	doc	43e38902740c39567550fd0e4c87c00947c5fe577765eb00051f0212c05d7cab	33.33%
2020-02-06	rep_2020_02_06_T246.docm	doc	9e7490ea59c003826b03252f70bd3fc3a4c910d44aa5c1cf377a0cb24491118e	33.33%
2020-02-06	arc 3595422.doc	doc	9005832cf404bc1202dcad8865b5250a9826f2fa18a6e23ee0a7e705c1d63ab0	33.33%
2020-02-06	File_2020_02_06_PVD9560.rtf	doc	24bc1b322505611fc96f657f00be75ad4a096d02fc3e78d4b45369b13358575f	33.33%
2020-02-06	mes-262.doc	doc	58f94895848e841464a8b36d26e332a50e9b082bd7df37c1c054168929b7b34e	31.15%
2020-02-05	FILE-CDJ33906.docm	doc	335e92129e141d12928fdc17fbb6c1dfe8b6fa59b2ff2a4ad0c60f4f0637ee83	27.42%	Heodo
2020-02-05	Doc-4510506.docm	doc	061b77c1354bff1d5cafa4e10d903ee5feb16bb91c295298444e056ffefd1370	26.23%	Heodo
2020-02-05	arc 20200206 735.doc	doc	c1d36e9aab2030f23a10178cc432f92255b74c7e2382840bbae1ad7c099e97a9	26.67%	Heodo
2020-02-05	REP.rtf	doc	23f4a774007e2fc64a2824e5973bb695a64667d8d832fbc29806976dad67d7f7	26.67%	Heodo
2020-02-05	mes-2020_02_05-789.docm	doc	408642c623b422164d2d5e79d498b439c267c0756121e7d453587702c3b9f50e	26.67%	Heodo
2020-02-05	Arc 20200205 80099.doc	doc	fe70cef82c0a8acabe3289f5863a62b3bdf8bbd476ff9c0536600c40fcbbfb9a	26.23%	Heodo
2020-02-05	ARC_20200205_969.rtf	doc	59b1973230dffbe699193f1b10773d0e327fdde500ae9ce1a1af2024c5f38140	26.67%
2020-02-05	REP.docm	doc	4bda34084014e21ceb2db8fb9003f36f4b3a7bd5a8bcfb9b1badbf13529a6d84	26.67%	Heodo
2020-02-05	file_2020_02_05_QN1112.rtf	doc	e9de053b8046e662771b320b25a49cd709591ac896fb6bd4c324ba0b13f37b35	25.00%
2020-02-05	list 2020_02_05 IMO2621.doc	doc	ab556aef3f7baf74127e682541cd5bb674af38a62c4c1f89ff43f09388894af2	25.00%	Heodo
2020-02-05	list 2020_02_05 IMO2621.doc	doc	ab556aef3f7baf74127e682541cd5bb674af38a62c4c1f89ff43f09388894af2	25.00%	Heodo
2020-02-05	inf 2020_02_05 AN317.rtf	doc	e017e89646b0d091bc67504f4318ea078b5a279edd898f418ff735e40c432e28	25.00%	Heodo
2020-02-05	list_8414.docm	doc	dbbe0d7dded778f388849d7ce83487c413292de6f83d4d8286e7b13bd8f5b981	24.19%
2020-02-05	Rep_20200205_ZZW5449.doc	doc	4e82c0983f4287199416515585b3322785209242527d21f73fc1213fac0da816	25.00%	Heodo
2020-02-05	ARC.docm	doc	add57fd6782c427fbdbab1e52f313746c594f78a352135f6961c6e7d3d9ea2f6	24.59%	Heodo
2020-02-05	List_2020_02_05.doc	doc	07fe2fb2cf6e99bc0fee819b38bda8d4c0e8f7d18f8faa9775463041c71ba5fa	24.59%	Heodo
2020-02-05	dat-20200205-7204.docm	docx	3002799efe2f36491f41e0c5e350a6c6ae06bdc8fbef3c1ddf753c6c2e206736	n/a
2020-02-05	Arc.docm	docx	3c0292963e5af1dfc8aa14b1b0408c3d3e0873fde4dd75962bd380b5aa67eb36	34.92%
2020-02-05	file_20200205_YBS39075.rtf	docx	98a046c048e6dccb43c0c6c6ce35eda6d4792e013b3bb7abf69702d4736b8840	34.38%
2020-02-05	rep_M3407.rtf	docx	dcdcefae226e1eccadad30728bc5d5a86fcc042676c0e98078e62ccd82b564d2	33.87%	Heodo
2020-02-05	file_826.doc	doc	ab25cd8065a0df8608fcd69bd29689ae7657b263b8290a459052ff0cfcac3951	30.65%	Heodo
2020-02-05	rep_TES596263.rtf	docx	87bf983815a7bdfc6fda722fa02b1adef0c064fc60a443faed053662ba92a74f	32.20%	Heodo
2020-02-04	ARC-20200205-W22482.rtf	docx	f2d5330b5aa423a1c21c6f960154447080fb0b6a7747307519ce8d57a310d1a0	29.69%	Heodo
2020-02-04	mes_2020_02_05_B733.doc	doc	f189891eacbacefcd510376ad44060a48962b25cfabcdd82b7845acdb512bab8	n/a
2020-02-04	File_20200205_EV834.doc	doc	ec4146a69e81f690514da6199f759c184964dbe031f6ca7850b4af5d0d365150	36.51%
2020-02-04	Inf_5478965.rtf	docx	cf00a0e13bdc326ecf08bd0238ee35c3600642133c7f84f69b0434aa63bfa291	32.81%	Heodo
2020-02-04	Arc_2020_02_04_8320568.doc	doc	226e3d9397801a0c20fc12e65373887d6b8e32d5d47ea818a8b891be4513e330	33.87%	Heodo
2020-02-04	Doc_2020_02_04.doc	doc	b47eba67f3bdcaadc7e9116053d4a250ae71ce6031b8ae4c30bc22459a57ba0d	31.75%	Heodo
2020-02-04	rep 2020_02_04 633521.docm	docx	265e4a2697fbfecc43edb76419d9e4a8928492d01b548cd7d6804226d6b2a593	37.10%
2020-02-04	rep_20200204_TVH7687.docm	docx	786563efb876e891aa804967d96e0a176417ad2c731e93a1fd788cc7d15d57a7	37.70%
2020-02-04	FILE-20200204-362.rtf	docx	a22639097a957b8debdfb4ff182eb2b6a288368b09b8427853ed91346b687737	35.48%
2020-02-04	arc-2020_02_04-5703.rtf	docx	71504ffb2ac7323b2da494aabf013190544db3e4230b363b639d68878aaf77dc	36.51%	Heodo
2020-02-04	inf 20200204 XS967.doc	doc	b71394268acf3acca757143450d5ccc9030bb60cd3e5e9e3245f81fa1b63e757	n/a
2020-02-04	List 4748.rtf	docx	66fbfabc52fac899652f0e490be589ec3d3c5d3cf233ca24171ab6d8ff55a50d	34.92%	Heodo
2020-02-04	File_DKU453778.doc	doc	8850bfdd37da2c746074f307dfcda1b492a3d639d6a48a9d56dc084fec7c536d	34.92%