URLhaus Database

You are currently viewing the URLhaus database entry for http://fpw.com.my/files/EN_en/Open-invoices/Past-Due-invoice/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:42944
URL:http://fpw.com.my/files/EN_en/Open-invoices/Past-Due-invoice/
URL Status:Offline
Host:fpw.com.my
Date added:2018-08-15 02:31:34 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@JRoosen
Abuse complaint sent (?): Yes (2018-08-15 02:32:06 UTC to noc-abuse{at}mschosting[dot]com)
Tags:doc emotet heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-08-16Statement as at 16.08.2018.docdoc377896b81460ef61d22b561442c1375220b8e34039bf9efb7bdc1036f5d9600en/aHeodo
2018-08-16Review invoice required.docdocb35b9a690d5b2b94fb262bf488c8acd5f437ae489024ecec45cf9197d5177053n/aHeodo
2018-08-16Review invoice required.docdocc9ac91c9915eba1cf9ee1ce5d8680ab5c37167d17a618fd2c493e73b9c10b853Virustotal results 17 / 60 (28.33)Heodo
2018-08-16Invoice.docdoc27be34434aee00afaa097fcd9b09d9881dfea493d081bc133a40d39639918b88n/aHeodo
2018-08-16Statement as at 16.08.2018.docdoc66ebe328415e1eb4e16e3cc17fe1f206f07ad16bc40477760b73e46ccddfbc25Virustotal results 23 / 59 (38.98)Heodo
2018-08-16Invoice.docdoc5f2b40e65fd036b135ce6a86239f657dd670e50f576e5832937c230cf636a37bn/aHeodo
2018-08-16Latest invoice - 094413.docdoc3662c11021cd7b17d7c98ba1fce7e7e0d4cb4cf3c3b08845364f51ebf3b5badcn/aHeodo
2018-08-16Review invoice required.docdoc7260f2a45eab27145ac352d37286df61aebe0457cd9a50f10385c37b52769003Virustotal results 18 / 60 (30.00)Heodo
2018-08-15Outstanding invoice.docdoc6f59607f97d7242934de29fedd6cd1ac0efd74c99e7ca212b68c042ffb8bf9c6Virustotal results 15 / 59 (25.42)Heodo
2018-08-15New invoice 89QBC6204.docdoc168308817df0b5f51a942117a0a736ecbbb5642648b480803d0fe70c5473983dVirustotal results 15 / 59 (25.42)Heodo
2018-08-15Review invoice required.docdoc16e1912fc16e789e8913840e57e10fe8aa8aa1e0f165791e461de17871959d47Virustotal results 15 / 59 (25.42)Heodo
2018-08-15Billing Invoice - Job # 4218704.docdoc9798fa7bdc64e53865bd020e745a6030d2be452533f825f5112d17729120441cn/aHeodo
2018-08-15Outstanding invoice.docdoc8c4ce35dda3d110f5e6e6bac50cfbb34751f5db03188170d1680144fcca1267cVirustotal results 19 / 60 (31.67)Heodo
2018-08-15Invoice as at 15/08/2018.docdoc61f8679f1af61e12535ddedacd965dbb1f745d85d67e597f97df64c2947e35f9Virustotal results 18 / 60 (30.00)Heodo
2018-08-15Invoice # 816P467955.docdoc72a9605fb3bb77cde5b3fb2d1355df6707e0fb3c7fe4d0ee20e561354234d15bVirustotal results 22 / 58 (37.93)Heodo
2018-08-15Outstanding invoice.docdocb3780348a997bf9644df511fc09819640396ae7b5934775a7dae92d1453b9f74n/aHeodo
2018-08-15Latest invoice - 850930.docdoc175b3629c776f00ce86f5d635be7e8a8f96e0e8abe184b49ee11020f3f363626Virustotal results 20 / 60 (33.33)Heodo
2018-08-15Invoice as at 15/08/2018.docdoc750f735540883b2a173ef6de05ed720e37ff554457199c64728f5dbd9d411348Virustotal results 20 / 60 (33.33)Heodo