URLhaus Database

You are currently viewing the URLhaus database entry for http://www.plasdo.com/MNXfUEtpo/702DXQ/PAYROLL/Commercial which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	55554
URL:	http://www.plasdo.com/MNXfUEtpo/702DXQ/PAYROLL/Commercial
URL Status:	Offline
Host:	www.plasdo.com
Date added:	2018-09-12 11:33:10 UTC
Last online:	2018-09-18 02:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	unixronin
Abuse complaint sent (?):	Yes (2018-09-12 11:34:09 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	5 days, 14 hours, 43 minutes (down since 2018-09-18 02:17:25 UTC)
Tags:	doc emotet heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2018-09-14	PAYMENT #708772PKD.doc	doc	c3f2233ec52a49433a093f5e83ea01228c7088ead6cef9b914543b2268085bc6	29.51%	Heodo
2018-09-14	PAYMENT #52RRFZ.doc	doc	9349ca5c47141bc0277a0dd9f25c5767e7d6378057c985488ccd3b4b552a25da	n/a	Heodo
2018-09-14	PAY #8AYNGHL.doc	doc	a5207d69b06370cac30aa2f58046957fd42810ca4efd0b67dcd8f05f9179e7c4	n/a	Heodo
2018-09-14	PAY #6590C.doc	doc	56be3018493c1b5f47eddfbd3ae3309607dfe38aef9a20f75835acac73dd082b	n/a
2018-09-13	PAY #771762YNKM.doc	doc	5f0ad3642213289274ff254fed176dff2e17eb410a4d2aad34244b119ecb6e72	26.23%	Heodo
2018-09-13	SWIFT #366P.doc	doc	f919d7e922a27ffcca7450ca40ca9647e52771346197f606ae02275ae67b3268	26.23%	Heodo
2018-09-13	BIZ #0X.doc	doc	3faa88ea91d876995945b8ca680036a4c2d9f7d77e0f21681508b0cc85fee7e6	n/a	Heodo
2018-09-13	SWIFT #206052Y.doc	doc	7f2da553eae249a03e752f53c31f7c55bbf041a0d09779cf615f6ac0e12319fe	24.59%	Heodo
2018-09-13	SEP #674409YZ.doc	doc	5eb986d05ad832897acbc13e870ee4f2971f1901374615a41ee2f5f5fe91d68f	22.95%	Heodo
2018-09-13	PAYMENT #2351NRDBRDVH.doc	doc	1c84d3a7b02bd30a0884d5a0ff5840f77490945045ae7b8055d408e8ec6de8ab	n/a	Heodo
2018-09-13	PAYMENT #39L.doc	doc	4f3b20b026bdadbc5b9744834db42bf6858f4a238068f44f335967461755578a	22.95%	Heodo
2018-09-13	PAYROLL #156120EBLVQXY.doc	doc	0432b3023902e6923a125718c35108cdd55b58ddf985e3cc7efb5a4b79e1c208	18.03%	Heodo
2018-09-13	BIZ #457515VFATIQY.doc	doc	764122c8c7d3c80f2c4c5c812333b6d804683a90cd5c6ffe28d36e6bbd2ac90e	n/a	Heodo
2018-09-13	SEP #23SEJC.doc	doc	8870a62f875161882a0c93807ccc85209554a068953ae16190484414b427b173	36.07%	Heodo
2018-09-13	BIZ #84Q.doc	doc	30594291490a1928a7bf89f633c88b3e8bb41c4ae795156309a0f076652d072c	n/a	Heodo
2018-09-13	BIZ #58847RLAMJA.doc	doc	1316c887d94e24f942b882ecbe7314ef4746e2800122b27bb0086e8aacbb8b00	n/a	Heodo
2018-09-13	PAYROLL #993380UPYA.doc	doc	da2a56412ba9240e01d478074dfee4cd0ef92d0d8d1d2b42b01411212c2e6e83	33.33%	Heodo
2018-09-12	SWIFT #0QRF.doc	doc	e6a578c89917327adb9fcd46a34823c0f2b34ec26d7e0bcdd08f2fdd0b3e534a	29.51%	Heodo
2018-09-12	PAYMENT #775087G.doc	doc	9bf0d95cb5f73ff4945a61379a9d058f520376aacd4eae89d82165c1e67c35c9	26.32%	Heodo
2018-09-12	SWIFT #548YTVOFLHL.doc	doc	961a7252c607c4675cfda69848006780ee9886b7d011c30cbe4aaae3b244abb3	31.15%	Heodo
2018-09-12	BIZ #967602XG.doc	doc	2ceb81f9c7601592ac7b99888c1c7611f0cb9053aed8a7a9306078f4c1d9fb92	n/a	Heodo
2018-09-12	SWIFT #3492020MKELWKT.doc	doc	d4482c6be7b3208e3668f55f40b2207dfe7acd33c26f93e7100757827eafe66f	n/a	Heodo
2018-09-12	SWIFT #360SQCUARSU.doc	doc	4e12f2597757d29a510136a07205cab71f04755e39063e13de5ecacc6dad0bd3	31.15%	Heodo