URLhaus Database

You are currently viewing the URLhaus database entry for http://plan.ksu.ac.th/bvehu/OCT/bmynf0k/yy68805151690717i2zyruicmi1y8uwp/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:532917
URL: http://plan.ksu.ac.th/bvehu/OCT/bmynf0k/yy68805151690717i2zyruicmi1y8uwp/
URL Status:Offline
Host: plan.ksu.ac.th
Date added:2020-09-16 14:37:10 UTC
Last online:2020-09-22 02:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: spamhaus
Abuse complaint sent (?): Yes (2020-09-16 14:38:39 UTC to noc{at}cat[dot]net[dot]th)
Takedown time:5 days, 11 hours, 40 minutes Bad (down since 2020-09-22 02:19:15 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-2118137598.docdoc 83676faad35894bb04262d898f1279995a52ca4f91f343223e0403b6c915311eVirustotal results 67.80% Heodo
2020-09-18BAL_JO0684254744XF.docdoc 7d6af6fb5524fab475918225161ccfa03fd6b0893b5d6aab343555908978e002Virustotal results 49.15%Heodo
2020-09-18BH9699248435ZZ.docdoc 95aa58c779d17b78ffab83759ad0e70fdf40edf24f573b20839e2da83896d55an/aHeodo
2020-09-18BAL_09141692044162909115608.docdoc 58061f1266dff582938c173bf8f0d73a71593d7d31e79899973ab5eab0d0596bVirustotal results 50.85%Heodo
2020-09-18XHZ_090120_JVZ_091820.docdoc 7a20cfdc1bf8e38ae094a08d8c24b9fe9afc5019768f31ce2a89a17898420878Virustotal results 45.76%Heodo
2020-09-18FILE_50100944.docdoc 58bd7739a1a006ece6b332089b3495f7a5d43baf7f66aa3dfcce0ff1c5e8e098Virustotal results 40.68%Heodo
2020-09-18KBQ_090120_YSD_091820.docdoc 8f433669bafea35f75ac63a4e6aba4cb6345029b4f5d32f42c177071467f9623Virustotal results 41.38%Heodo
2020-09-18DOC_PO_09182020EX.docdoc 7a087796ba52981da1f8e06f79b5bd1bdebeb961afe1f01af7864edfe071712en/aHeodo
2020-09-18DOC_071856229500492819.docdoc 7e96a13f66a51a3a39430169e9c21da4780b9630c7699ffab5ae9b137122dfcbVirustotal results 38.98%Heodo
2020-09-18GFC_LJG_090120_SVR_091820.docdoc 3c558e63407682d8fee665283a24bb73c5839f85317215925264c1b15071b061Virustotal results 42.37%Heodo
2020-09-18HIT_090120_JRR_091820.docdoc 971112bf91b341992aa8874b52425261e68b7cec89ea114487056783acc97e56Virustotal results 42.37%Heodo
2020-09-18REP_36369619085.docdoc c77851ba151f09f555db36179250d20da6817e32999215d3ba13dd47898e8fa5Virustotal results 37.29%Heodo
2020-09-18GK5224938918DC.docdoc 4b9a2688db3fd6465d84ee5baf9fbdf6c50772a16d3e7c265c758ae284e8a63dVirustotal results 37.93%Heodo
2020-09-18995797086643632190907.docdoc ed98997bd450d0c8f1285f0677f4735e52e35f8504b6ab44ca0af91650f29ac4n/aHeodo
2020-09-18FILE_8H7SQ2ANWF7C3MQ8.docdoc 6e221be1094865f6f92e91e222da06c0cfb67ce691d0bd25afb4b4324bb05714Virustotal results 36.21%Heodo
2020-09-18DOC_098575422.docdoc b157c7e4296be966f45fa1efac02053cbc78a6c2012faf885bd9654287f0f35dVirustotal results 35.59%Heodo
2020-09-18INV_PO_09182020EX.docdoc 344be8e47a1c334ca0f6e8d6383c509d62ca9004f050e5a368e064e87e2e947fVirustotal results 35.59%Heodo
2020-09-18DOC_PO_09182020EX.docdoc b42e69393fa458ca73822fb6b7dab4911069668786030a5a6d1ae3b67e107e44Virustotal results 35.00%Heodo
2020-09-18KOB_090120_WSB_091820.docdoc d95aeafb85cdd18684d7a50288bd895c7549455d652bc1997dc4b27c26788c92Virustotal results 33.90%Heodo
2020-09-185927150076281132338694871.docdoc 6098ea8b508e01b7b777f7e9ae9b62e69f4e95a1bf8342c4d7ad98e5559d70d1n/aHeodo
2020-09-17REP_DHK_090120_HYU_091820.docdoc 12412cd6a77f4f37c4af299317f54c6e10deb114a14d2ed1f0de95a3f8466b51Virustotal results 35.00%Heodo
2020-09-17S_24364646.docdoc 074d30932dc73bf17312105a7a4a157bd6cd44f75ce2cd67026282c6bdb3b21bVirustotal results 33.90%Heodo
2020-09-17PO_09182020EX.docdoc edee77f468412b29903ec095de648b2214e471174deffc438b41cb18fed1058bVirustotal results 33.90%Heodo
2020-09-17REP_86KO2KG8.docdoc ebce78b8c9a54b4d497ed1c424eb689cd0959596daf9f6748a46b65aa84b91dan/aHeodo
2020-09-17INV_61809487.docdoc 11cfbdf8ce4f99c93816a1ed7ff7410d051b0cc978efc9ff9fa824db596374e5n/aHeodo
2020-09-17REP_Z4K34AUQ0.docdoc 12d6b38f752ecea5e77fa8c3623f322427bd77fbe3070efe165d432a739f4bd1Virustotal results 33.90%Heodo
2020-09-17BAL_XF7813802028EF.docdoc 794d05a964943c6e59eef584b6bd5ee060dec7907a990ec1a0d71260e641c74dVirustotal results 47.46%Heodo
2020-09-17DOC_PO_09172020EX.docdoc 339016f3d85e1e43b24fe0c43e85be15801e5268905882fd77f11c3b70d3ded7Virustotal results 46.67%Heodo
2020-09-1778649019.docdoc 30fae41cd15ad7341c7e91b9e003b523538a2b23f9afa8d601ec22cdb738526bVirustotal results 42.37%Heodo
2020-09-1781MA6LSXAVZ6V.docdoc 55f67049f14332814d65bbc5690f2538dd7fe24edb943627e039a7ff43ab1fb8Virustotal results 41.38%Heodo
2020-09-17BAL_HY4659906468FY.docdoc ac68b80cefce2e5cea6c8552e9098be831aa16d377071da37b2cf423abb857b6n/aHeodo
2020-09-17YR0961279551EF.docdoc 887f85960d6c0ac59a114e344b272ee3ed2b737523b6d8c4eefbaf1cf0524e62n/aHeodo
2020-09-17ZR_PO_09172020EX.docdoc fdc92337b2b2e66b79997a395980d7d7de9e80daa006d7af482876a6571daa6fVirustotal results 35.59%Heodo
2020-09-17Q_PO_09172020EX.docdoc 14650f22ccd9ac8f4effcb6415afc3ee21a1a681e0d621888dd3e28a30e9e237Virustotal results 36.67%Heodo
2020-09-17BAL_PO_09172020EX.docdoc ef1653ce5dbebfcbaedf38b0994902c3b34b60f312dffcca34560164a435847eVirustotal results 35.59%Heodo
2020-09-17P_29895568.docdoc 5550d9e16cad7854633fe0ca4c7315a5595cdb78147360f022c916fb27890aa6Virustotal results 32.76%Heodo
2020-09-17KOD_090120_PGU_091720.docdoc 9ffdb4d90517b3838da2fe89fe09c33a7351ab0d5b14173bf9674c01c88c1a7aVirustotal results 31.58%Heodo
2020-09-17X_0GRKQC6IEGI.docdoc 22823faf02dacc31bab524d0ff73e36775b3f629be5a241f9334b6f094220b0eVirustotal results 32.20%Heodo
2020-09-17INV_26964436889721.docdoc 58e9e29b2ad9adffb9050f55dc81946e45a9f4dfbf263e4b4a1af049f2897148Virustotal results 33.90%Heodo
2020-09-1717216703.docdoc 7dbf132e16c58a6ffc3e77056da28a5e84a5bab8d4ebc7c1d90057b380d2d5c6Virustotal results 32.76%Heodo
2020-09-17259890225148820160022660.docdoc 5a9d0acacf9a1616330ac1559a2243f80f03ec322e564298c0cff70b28014a7cVirustotal results 32.76%Heodo
2020-09-17REP_PO_09172020EX.docdoc cd7eff89ab25979594648885ed165b0e8cb844bf354d2cd77afb285047573fa3Virustotal results 30.51%Heodo
2020-09-17C_8084633251.docdoc d6780dd989cd52d8f8db998fedd1bdc4d5b52c738e0850db64c96310eddd7c1an/aHeodo
2020-09-17Z_DDD_090120_HXS_091720.docdoc 46b9776b6dcbbc272429563afe8cbf980019b5a57e1a4625c5495dd553ef439fVirustotal results 35.59%Heodo
2020-09-17BAL_TD3172381566GX.docdoc 208e89fb766998ab21cbde91b170f04f5833e9d0d69257b3654828d00dc79933Virustotal results 35.59%Heodo
2020-09-17RZO_090120_OTH_091720.docdoc b0b2a354ba00df18bcae0a90dde8b4ebac01e94a2d8722557c2bebba4368e784n/aHeodo
2020-09-17AKNB83OJ.docdoc 9bf20dfb53d447d25176c2839e17ba601117c7a1a4f051777df513d7641ebd80Virustotal results 30.51%Heodo
2020-09-1765793630.docdoc 43b986aff0456aa4a46557f94d9229679337ddeb001128e516ed0a627e17edc0n/a Heodo
2020-09-17FILE_PO_09172020EX.docdoc fe6c61d58e613b1737dd42c11ceb421b40f8f854324adeecb71245e245ed3a34n/aHeodo
2020-09-17REP_55377844.docdoc e0e9dac7a50485ca1030fc7dd02b0654cdb97f93294d975d06d9d8b8317d8e6eVirustotal results 29.82%Heodo
2020-09-17OL3359688226UE.docdoc fd0f987936c01acfb91bb84e9e9c3e6f425f55d07887f14ee595ec418d252849Virustotal results 40.00%Heodo
2020-09-17932864391315688.docdoc 51d460db7db57fd212907c9aed23bba4891c43175f73978da2c791c60a412c43Virustotal results 38.98%Heodo
2020-09-17SRQ_090120_CXZ_091720.docdoc 3fc9e1303ad2b93db95a11ed49156bfcaff2b986b739b1f4ec66485445548ed8Virustotal results 39.66%Heodo
2020-09-17INV_VBX5X6S9X6V8T.docdoc c3474c39b7b924e42872d74244d0854423f1a19a0bc7bf53337994e269cad134n/aHeodo
2020-09-17FILE_047828664845243720334.docdoc c77010ecb3ef7c24c3c94a923eea805df5460a008b8cb15a2a7c58683055c738n/aHeodo
2020-09-17DOC_S4X0LC0.docdoc 093ca9b873eac37c451077497250eda40c15ef31aefd41593a79f206a45ff6b2Virustotal results 39.66%Heodo
2020-09-17J3RPFHOYTY1ATJ.docdoc 83208fd10a9c71a12a3e48e4231e27e17a061f6c741c37ec8ecec9050be6a811Virustotal results 33.90%Heodo
2020-09-17REP_MP4682394852HW.docdoc bcf9a2940f9615487667d5d0edb9dfcb6e5917b328bc56ada5fe0d5b9f43a9c7n/aHeodo
2020-09-175635505855.docdoc e09973ac979e2a9efbdb59ea10416f8714545ff719579b21a48327219a3ec797Virustotal results 28.81%Heodo
2020-09-17FILE_PO_09172020EX.docdoc d9a35783bb245b622048384501eb1c30e098c547b4d3079e0c8d01e06336464cn/aHeodo
2020-09-17FILE_PO_09172020EX.docdoc 1a945df2c4c5399840e2cdcc623c15e12451e66db694d71f26bd718dc8628993Virustotal results 31.67%Heodo
2020-09-17FILE_7093306143707217.docdoc 7bfbc615a14c1b8e533da21f2d1838f5e3c52ada91bdcbe8b6574195850b9bf3Virustotal results 25.86%Heodo
2020-09-17DOC_PO_09172020EX.docdoc 524f6d1744c625d4ee827ab1ee1406f5aeef8c8799b8cf6474c2a53014a1dfadVirustotal results 28.81%Heodo
2020-09-17INV_PO_09172020EX.docdoc a9c8d3bb56d6abf69a804578bde7b85ae2717ff03d86c79d9f96d313d82552b5Virustotal results 28.81%Heodo
2020-09-17FILE_176365997.docdoc 7a8024cf777ab45c5c969c5efff3dd4f289bc22baf1c91bd884fc2d29435c884Virustotal results 25.42%Heodo
2020-09-17BAL_FO4541714507LM.docdoc 2bc521550fad4a12b0bb8f34a8958db7b2f5b50e9f8579d30d814cee697ab694Virustotal results 25.42%Heodo
2020-09-17I_PO_09172020EX.docdoc 8f96a4ee289f6093a2f1afe8c584cba4a802c054ef22fde70d451254191872fdVirustotal results 25.42%Heodo
2020-09-16FILE_PO_09172020EX.docdoc 1ecaceaeb20649c823b3a63accf639925ba8e4c350b2509496c04dbd622d5d4eVirustotal results 25.86% Heodo
2020-09-16REP_65662864.docdoc 66bd50b4b2f0524aff6b9f64fcad5a686d04778fc56eae470249da88f7c40077Virustotal results 25.86%Heodo
2020-09-16V_816724081979040075097791.docdoc fd4fb3464a7f787ee4d5b1795fe7b4d8ffde4a1683fc6620602fb78ba52f52a9Virustotal results 26.32% Heodo
2020-09-16INV_32118621.docdoc b3f921be965718a9741b8f63d9b29dba0345f98cdfda7a0cabae90ffabc8043aVirustotal results 25.42% Heodo
2020-09-16REP_ULCD7Z4D.docdoc 73158e3c574c5cfbe98520ebb3b8c4270609205751d997b87414e5a43980f960Virustotal results 25.86%Heodo
2020-09-16FILE_ZQ2825061606KE.docdoc 6d9cad95f8aa3d8219f21391e294a8dedbde904308f501b7f4be63eb92a8dcf4n/aHeodo
2020-09-16NJ7125186049DP.docdoc 76bf8d09a314a6ed1f11e8794d3027fcedcc3762677e37d8f7a304e4d370837cVirustotal results 27.59%Heodo
2020-09-16INV_267959726474.docdoc 6ba572ac222372c95a63401ec2b6710af0a9445d6c38efc7cf8397461ab1fd8eVirustotal results 27.12%Heodo
2020-09-16INV_PO_09172020EX.docdoc 1a487a6af75caefff2748862adf7200a692c1e5f6453c1d86ebceab252b5bd66Virustotal results 25.86%Heodo
2020-09-16INV_5206UXSA6LN89Q.docdoc 85ecc831aac84128028e315d8229777d99b91e6adba5a437b18e0f2a3c34e76eVirustotal results 25.86%Heodo
2020-09-16BAL_PO_09172020EX.docdoc 2d28945e5e6a8cb9f9e82d32bbff50d953e72e8f55c46e910c596d92bf646963Virustotal results 26.67%Heodo
2020-09-16QYQ_FPK_090120_QOM_091620.docdoc 89c63f940c17124065f94ee04b40a3cf2f048fb270b93b38fe1b1e937ab4abffVirustotal results 25.42%Heodo
2020-09-16PO_09162020EX.docdoc fcb293cfa69d4cbbc6afa71ad0a6456746863f91a54c2af300ca91c088f9c2f4Virustotal results 25.42%Heodo
2020-09-16FILE_PO_09162020EX.docdoc f656f7fc2ac175767aea79393803f493b18211403a390c2daf9c5dae720e26e3Virustotal results 25.42%Heodo
2020-09-16INV_IGE_090120_ODW_091620.docdoc b88f5009f8b75ec0a35f549fa777d05a819b0ca478eedb65a7b0a9fd01d51e30n/a Heodo
2020-09-16FILE_86802028083317706.docdoc e247f4f69c1be4c95bdf6687e2ae1adbd1635c126ace3b544ad989024da5fb3cn/aHeodo
2020-09-16PHY_090120_ZBF_091620.docdoc 7ad1bb86cc5ab4b2563548f2fc53faf9ed64e5216c895c9a425aea815a45b6b4n/a Heodo
2020-09-16JQR_090120_VQD_091620.docdoc 8807b5e5fcc84574f25c3cc1fd79a2b292b7f7037cba0ed308a05190ce462002Virustotal results 42.37% Heodo
2020-09-16FILE_BB8846283812WG.docdoc d4d482bd99e2f75b977c3fe22ee3df44c1e3758bd61f0636d31c1e35c2d38be6n/a Heodo
2020-09-16BAL_PO_09162020EX.docdoc 679e5f33c444b178b0da6da41a58b4590f05e7c464293e3b1d8f858dbe157124Virustotal results 41.07% Heodo
2020-09-16INV_PO_09162020EX.docdoc 25d1788ec133f048b97e9f205cf6c7b69e50ed0418bd9877553aba8a7bdaefc8Virustotal results 37.29% Heodo
2020-09-16WJR_12831685.docdoc b114281a6664f44018353cae8a6f00cea1d34854e2942f01a9e027d2ab333b9dVirustotal results 38.98% Heodo
2020-09-16PO_09162020EX.docdoc e9e98328d96157a0fd47c6abe8d1d60d8521171a61378aded651b274a0619993Virustotal results 38.98% Heodo
2020-09-16FILE_AN9679089475GQ.docdoc 4d88090314c39059da536bb37270cdf7ffadeeda4ea768b55dcb9f2b807586f4Virustotal results 38.98% Heodo
2020-09-16XA15H45O.docdoc b9a6ff1bdbfdc506e17b3e590738e75cae3ce59614c8a77074df2b1d2abc3801Virustotal results 40.35%Heodo
2020-09-16REP_PO_09162020EX.docdoc 06875ecfcdad40771a2a6d4ea795ebf797776a5fb3289a4f4f6207dc2d4ff91fn/aHeodo
2020-09-16DOC_31557062.docdoc 962d453203d41ae26badcb1083a24aada6ccb51ae5ef7a416d850a0b8cee6c90Virustotal results 36.21% Heodo
2020-09-16BI1070027200DC.docdoc 6820256b4c1c4c5b50146126f828d2317ef12e023043a390611fe9b036cfe638n/aHeodo
2020-09-16BAL_PO_09162020EX.docdoc 54f3ff0a6c12843bdb1b448362320aac7421e7a1c1a210779dbb9c57ede15a75n/aHeodo
2020-09-16PO_09162020EX.docdoc fb878934dbdb4fb712a53bec5d4f866b9bb7d8599edb94da33f95b773e62859cn/aHeodo