URLhaus Database

You are currently viewing the URLhaus database entry for http://fpw.com.my/FILE/US_us/Inv-524771-PO-9Y763007, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 49457
URL: http://fpw.com.my/FILE/US_us/Inv-524771-PO-9Y763007
URL Status: Offline
Host: fpw.com.my
Date added: 2018-08-30 07:17:20 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Abused domain (malware)
SURBL: Blacklisted
Reporter: @unixronin
Abuse complaint sent: Yes (2018-09-07 11:22:40 UTC to noc-abuse{at}mschosting[dot]com)
Takedown time: 7 days, 8 hours, 58 minutes (Bad)
Tags: doc, emotet, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
