URLhaus Database

You are currently viewing the URLhaus database entry for http://fpw.com.my/files/EN_en/Open-invoices/Past-Due-invoice which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:42868
URL:http://fpw.com.my/files/EN_en/Open-invoices/Past-Due-invoice
URL Status:Offline
Host:fpw.com.my
Date added:2018-08-14 22:49:30 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@unixronin
Abuse complaint sent (?): Yes (2018-08-14 22:50:18 UTC to noc-abuse{at}mschosting[dot]com)
Tags:doc emotet heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-09-08Statement as at 16.08.2018.docdoca5a1e18ac158189de781409d57be50702ddf831eee5e493cbd53a2c7f413f8cbn/a
2018-08-16Statement as at 16.08.2018.docdoc377896b81460ef61d22b561442c1375220b8e34039bf9efb7bdc1036f5d9600en/aHeodo
2018-08-16Latest invoice - 670083.docdocff47dc0d57d2db700b12d1c0e671bdce414b6abaeb19401eb07600009c73d8faVirustotal results 15 / 60 (25.00)Heodo
2018-08-16Review invoice required.docdocb35b9a690d5b2b94fb262bf488c8acd5f437ae489024ecec45cf9197d5177053n/aHeodo
2018-08-16Invoice as at 16/08/2018.docdoc0be4241572bb34864bce4a92517d2087cc96edfe8d943f8340b7b91f59eb9619Virustotal results 16 / 59 (27.12)Heodo
2018-08-16Review invoice required.docdocc9ac91c9915eba1cf9ee1ce5d8680ab5c37167d17a618fd2c493e73b9c10b853Virustotal results 17 / 60 (28.33)Heodo
2018-08-16Invoice.docdoc27be34434aee00afaa097fcd9b09d9881dfea493d081bc133a40d39639918b88n/aHeodo
2018-08-16Statement as at 16.08.2018.docdoc66ebe328415e1eb4e16e3cc17fe1f206f07ad16bc40477760b73e46ccddfbc25Virustotal results 23 / 59 (38.98)Heodo
2018-08-16Invoice.docdoc5f2b40e65fd036b135ce6a86239f657dd670e50f576e5832937c230cf636a37bVirustotal results 20 / 59 (33.90)Heodo
2018-08-16Latest invoice - 094413.docdoc3662c11021cd7b17d7c98ba1fce7e7e0d4cb4cf3c3b08845364f51ebf3b5badcn/aHeodo
2018-08-16Review invoice required.docdocc49c861f8be237608246522b56d4e729568e804d4adfca2a28117d972d94e928Virustotal results 18 / 60 (30.00)Heodo
2018-08-15Invoice # 5LV55945.docdoca8ecd3c1fcc6e41d4a24c4d8c39f1d7696a83ba28d148511e92c2fd13bfddbf6n/aHeodo
2018-08-15New invoice 89QBC6204.docdoc168308817df0b5f51a942117a0a736ecbbb5642648b480803d0fe70c5473983dVirustotal results 15 / 59 (25.42)Heodo
2018-08-15Review invoice required.docdoc16e1912fc16e789e8913840e57e10fe8aa8aa1e0f165791e461de17871959d47Virustotal results 15 / 59 (25.42)Heodo
2018-08-15Invoice Query.docdocf2693d14afafe2e7e8b9ddb930b12e3a29b8a1dd31524df2dbd392b5860a6c5eVirustotal results 15 / 60 (25.00)Heodo
2018-08-15Billing Invoice - Job # 4218704.docdoc9798fa7bdc64e53865bd020e745a6030d2be452533f825f5112d17729120441cVirustotal results 17 / 58 (29.31)Heodo
2018-08-15Outstanding invoice.docdoc8c4ce35dda3d110f5e6e6bac50cfbb34751f5db03188170d1680144fcca1267cVirustotal results 19 / 60 (31.67)Heodo
2018-08-15Invoice as at 15/08/2018.docdoc61f8679f1af61e12535ddedacd965dbb1f745d85d67e597f97df64c2947e35f9Virustotal results 18 / 60 (30.00)Heodo
2018-08-15Invoice # 816P467955.docdoc72a9605fb3bb77cde5b3fb2d1355df6707e0fb3c7fe4d0ee20e561354234d15bVirustotal results 22 / 58 (37.93)Heodo
2018-08-15Outstanding invoice.docdocb3780348a997bf9644df511fc09819640396ae7b5934775a7dae92d1453b9f74Virustotal results 22 / 60 (36.67)Heodo
2018-08-15New invoice 842MW988453.docdoc23d5a27e14c1441567e38b6a14485082e88f56133f18d60a4d42e5ce9a60d743n/aHeodo
2018-08-15Month notice.docdoc1a4ca08fb00aedb3b45ec4418539472eea22761aabe719e0e8021947305c4e6eVirustotal results 20 / 60 (33.33)Heodo
2018-08-14Invoice Query.docdoc429012f0faade3186f4d5ef455c114ea0cd27973f1a785b4a8f12326f028aa32n/aHeodo