URLhaus Database

You are currently viewing the URLhaus database entry for https://fuwa.com.vn/cgi-bin/1o4x7vuik/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:588334
URL: https://fuwa.com.vn/cgi-bin/1o4x7vuik/
URL Status:Offline
Host: fuwa.com.vn
Date added:2020-09-21 18:21:47 UTC
Last online:2021-03-02 23:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-21 18:22:46 UTC to abuse{at}choopa[dot]com)
Takedown time:5 months, 12 days, 4 hours, 42 minutes Bad (down since 2021-03-02 23:05:44 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-22C_OEO_090120_JJU_092220.docdoc b47a1743a01e5885f50abb8a2bb9ad539a52c6b38e1fe97ace7c7165c384a523Virustotal results 34.43%Heodo
2020-09-22FILE_APG_090120_VXC_092220.docdoc 81f0521a22118d4b0d1ab491183c0e961d22f56fb43d063febfdbf53348add1fVirustotal results 31.15%Heodo
2020-09-22REP_93599017095672421.docdoc 09354d76c301e3e65f29aceb76a3bbfa8cd5bc590010a3eaf044b7050c3e61b1Virustotal results 32.20%Heodo
2020-09-22PO_09222020EX.docdoc 0489a6b94e2c6206bd2730cc32c8f873d1ac1af2ad02bdb69a77a8078460741cVirustotal results 32.20%Heodo
2020-09-21V_PO_09222020EX.docdoc 62f036b925c8b4c5c90b88eaf15e774481a952ac6e1c7596916e10054b82daceVirustotal results 30.00%Heodo
2020-09-21Z_LO8828338924KS.docdoc 6aaa5d1200a0ddb1900acfe0f5b79eac2ce5b928d30db37c4f21e43cea55d69eVirustotal results 32.20% Heodo
2020-09-21SH2371000600XU.docdoc 0b406d237fa37888f1acd0ffc4b59577ffd5e45b792a835c2141483e2206ce9cVirustotal results 30.51%Heodo
2020-09-21Q_59625573.docdoc 74c1fc2f43a4a426a9f4ffbc4738e6107d95009d67a202f0c8a2a1b80ef60937Virustotal results 31.03%Heodo
2020-09-21REP_10996725.docdoc ce745f41bc3c216b25b5d553cff68854d633377995317973429dc64180aa89efVirustotal results 30.00%Heodo
2020-09-21REP_EYK_090120_SXI_092220.docdoc caefda78ff290b2ad9de3f8ee864f985144a3caeb6e307e034427b5f621184daVirustotal results 31.15%Heodo
2020-09-21FILE_UH1229255152UH.docdoc 04b6915557c386d4219e56049dca6eeef6f30b41f45fb525d36977e248fbf4ecVirustotal results 31.15%Heodo
2020-09-21INV_ZQX5S2M.docdoc b0c1e64b3b04df99668587d56d89c513ced13de50d8596e1d49a2eac66c96049n/aHeodo
2020-09-21AT6272680984FC.docdoc a8f76389eb48147fbdfcf5e3037911b1d933d7e0a1da38d58125ee2b9084b561n/aHeodo
2020-09-21REP_QLW7PT0GCY.docdoc 9e23f757e5e389aaaedeada32671c3f7a5620ec100069483a67b7305697a88c9n/aHeodo
2020-09-21U2ZLVZLPTE7.docdoc e6573ea6cfe0bdb4f9b3d43b7b68207d18fb492c9ed35aaf6bee52d0d681a9ddVirustotal results 28.33%Heodo
2020-09-21XJ3964974240AA.docdoc 5af136d60a366d4fa170883a816b530f4ef2828bfd11eafe0204c4f202deb748n/aHeodo
2020-09-21REP_99527212.docdoc 0375b4835fb4def35254dd37af3b71c8c92dbafb8af44ccf8f7ff85e3751ffb7n/a Heodo
2020-09-2182994735.docdoc cabe0605dd6140798ca1573bc18bbc38043b41d7e8bc202fb6ce104462a88595Virustotal results 28.33% Heodo
2020-09-21NV_6PSMV28O7W.docdoc e4bf7ba6d49953f6d305ed245b9ef7be426ea9b211bbd8aee04948809159fda8Virustotal results 27.87% Heodo
2020-09-21BAL_FQAJ0TA8I2L.docdoc e60647cfe1adde616c890f3e26971215036da239a61dc90bf5ef9fbaaba6dd65Virustotal results 27.87%Heodo
2020-09-21SRV_KMW_090120_NSZ_092120.docdoc ea13635d8fae6f813f3021e4d264e12f874aba0cadf496e53a82fdd80faf37e5Virustotal results 25.00%Heodo