URLhaus Database

You are currently viewing the URLhaus database entry for http://fpw.com.my/DHL-number/EN_en/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 37287
URL: http://fpw.com.my/DHL-number/EN_en/
URL Status: Offline
Host: fpw.com.my
Date added: 2018-07-31 19:16:05 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Abused domain (malware)
SURBL: Not listed
Reporter: @JRoosen
Abuse complaint sent: Yes (2018-07-31 19:27:59 UTC to noc-abuse{at}mschosting[dot]com)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| First seen | Filename | File Type | Payload (SHA256) | VT | Signature |
|---|---|---|---|---|---|
| 2018-08-01 | DHL_Express_76354107911.doc | doc | bd966328404c4b5ff7a9ceda1ea441c4ab1675029f27af702ea46f21497550e6 | Virustotal results 17 / 60 (28.33) | Heodo |
| 2018-08-01 | DHL_Express_321888048.doc | doc | 9551a0941f52e4f6b23c3451cc266e24e206fc74bc44f10c7b4bb41ad9ea0f9f | n/a | Heodo |
| 2018-08-01 | Tracking_011250268.doc | doc | 6083231d07911aace3bd44aa0e6ff244da42bf5b844a68a241f1f801ce5cfac8 | Virustotal results 17 / 60 (28.33) | Heodo |
| 2018-08-01 | DHL_Express_69120028487.doc | doc | 617bcd198922ae1b6385e5169d00357353f85cb020f6a42d6c6ad76e21d350f1 | Virustotal results 16 / 60 (26.67) | Heodo |
| 2018-08-01 | DHL_Express_80693475.doc | doc | 4c724126ba4cec6b0c95367e9abca9ab89c60f721869313a428523bfacfc5068 | Virustotal results 14 / 60 (23.33) | Heodo |
| 2018-07-31 | DHL_Tracking_0786386501139.doc | doc | 019c9283d85b63dd3f52ed9c23225d33815b661a80c10cf5a6edbbf98b70e0fb | Virustotal results 18 / 61 (29.51) | Heodo |
| 2018-07-31 | DHL_Tracking_807541466209346.doc | doc | 7ab7134daa5c94ddec1ec844a5535db1377227d3694e408651c4844e146cfbf6 | Virustotal results 15 / 61 (24.59) | Heodo |
| 2018-07-31 | Tracking_60878902.doc | doc | 7fa70528b6491323da9b6651dbceb1c866c1e6a380491d27129549cd9a43d873 | Virustotal results 15 / 60 (25.00) | Heodo |
| 2018-07-31 | Tracking_27840408426.doc | doc | afb4a5d9d02bbcf8e250f1289f56ba65d48ea63779088020ca0f5b531cc1530b | Virustotal results 23 / 60 (38.33) | Heodo |
| 2018-07-31 | DHL_1236292.doc | doc | b716af9a4b2aea60e3fd35b721bf597d67a7dcb5ad97e4399b8ba8686dba8e74 | Virustotal results 18 / 60 (30.00) | Heodo |