URLhaus Database

You are currently viewing the URLhaus database entry for http://fpw.com.my/zy, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 44047
URL: http://fpw.com.my/zy
URL Status: Offline
Host: fpw.com.my
Date added: 2018-08-17 13:42:16 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Abused domain (malware)
SURBL: Not listed
Reporter: @unixronin
Abuse complaint sent: Yes (2018-09-07 11:22:41 UTC to noc-abuse{at}mschosting[dot]com)
Takedown time: 1 hour, 3 minutes (Good)
Tags: emotet, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
