URLhaus Database

You are currently viewing the URLhaus database entry for http://duwon.net/wpp-app/sites/US_us/Document-needed which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:61042
URL:http://duwon.net/wpp-app/sites/US_us/Document-needed
URL Status:Offline
Host:duwon.net
Date added:2018-09-26 18:35:05 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@unixronin
Abuse complaint sent (?): Yes (2018-09-26 18:36:04 UTC to ipadm{at}lguplus[dot]co[dot]kr)
Takedown time:1 month, 23 days, 11 hours, 31 minutes Bad
Tags:doc emotet heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-09-28Invoice as at 28/09/2018.docdoc54f014f0173fc7636df5df5ddb20a34b83999cc0b18b62cf8e823e08a3df39dbVirustotal results 19 / 61 (31.15)Heodo
2018-09-28Final notice.docdoc73179b181357927291a9473855bc2bbeb3138906af2608ae3f4b8525e36f9dbfVirustotal results 18 / 61 (29.51)Heodo
2018-09-28Invoice.docdoc47318302dc1a0f44e24456ac118539d9b077e33599d2a5dcd996e054c84b54cdn/aHeodo
2018-09-28Month notice.docdoca491d83cf95f6d10c8f5deacfb1101bdf8e4eface08444eebab96c60848ffd74n/aHeodo
2018-09-28Accounts - Invoice.docdoccae37eb33bbfef6e1b5cc05d327fb0693f3e8efccb6c53a47bc8951a63e883bcn/aHeodo
2018-09-28Latest invoice - 631946.docdocbdfef5760af99ab34fafc5266bbb73fa447715f2342ee412afac8580015b83d4Virustotal results 17 / 61 (27.87)Heodo
2018-09-28Latest invoice - 539639.docdoc16780c465458cbb69a46d9f925cd54bc4922db1dd67dcaaef9010e593fa78d81n/aHeodo
2018-09-28New invoice 6HG12316.docdoc4a5ef70b4c1249e52f06131e2f48c19fb4141c9e89fb7ffe09ad0dd69e49b306n/aHeodo
2018-09-28Invoice.docdoc204a5be209be30dc08d6d0ca041e514b3b5a20729b0e772bbb23d2c4430ec4aan/aHeodo
2018-09-28Inv. no. 7S9B67553.docdoc4da86e631edd992d2c6ac26c8511d4317fd2974ab9136d88ee2b638386409331Virustotal results 22 / 61 (36.07)Heodo
2018-09-28Review invoice required.docdoc98c9987a6135768b342b36df376518c5232bd50c98f5866e248ace9aa85336b2Virustotal results 16 / 60 (26.67)Heodo
2018-09-28Review invoice required.docdocd772837ae2873b5eb3809366707fc349283dad768f05eaec332ed2dbe7097fe5Virustotal results 18 / 61 (29.51)Heodo
2018-09-28Final notice.docdoc9d861149271b7fd3062831ee6b545574ae71a554e78d789180769ed601faee71n/aHeodo
2018-09-28Outstanding invoice.docdocd56837d200fd6617a2593e52245bea006afc27fd4391179cd6fb3e43c2fa9a93n/aHeodo
2018-09-28Billing Invoice - Job # 128620.docdoc12b17663d53d0e3ac0cd75309b51f7d9037f7ddebb0b98bea1883984c433ee6cn/aHeodo
2018-09-28Billing Invoice - Job # 344976.docdocc91a000d20f3dce047ad53972e86b02ac16267eeeb420c96cb64a413813819dbVirustotal results 17 / 61 (27.87)Heodo
2018-09-27Invoice.docdoc2b76d8f68a57dad4e52491e78af497cef796b4e82e1f25af7ca8e18e4a3ae4e1n/aHeodo
2018-09-27Invoice.docdocab1bd3d173d285a66cbc0e18befb7e36e488b119fe585db00243fdbc0a456cf0Virustotal results 20 / 61 (32.79)Heodo
2018-09-27Invoice Query.docdoc2e7a575ca8ac56a542461c64125c31da793e8bf99ddd6c87484d26b5e51f42bfn/aHeodo
2018-09-27Invoice.docdoc05dc7c3a91d9402c426865acdedbc42e4a691f4e328b401ed4ecbe483e077483Virustotal results 16 / 61 (26.23)Heodo
2018-09-27Invoice.docdoc8bf890afc87fcfbb2f86a976a9721da151ecbc1c84340b1c3f8203e4e4484872Virustotal results 18 / 61 (29.51)Heodo
2018-09-27Customer No 092186.docdocd8ed5743582a42f89bec45c1cfaf7ce936faf8d8ce6e371953fcd4934561e2a9n/aHeodo
2018-09-27Inv. no. 43GM16320.docdocfb7ed9c7de10c5a2e1554f3d7d91148e0c2f13ba1b17496002b4a743af4c66feVirustotal results 17 / 60 (28.33)Heodo
2018-09-27Review invoice required.docdoc117683d153ab17a29e2784b1d88006d266a619a0f26fe44cb65bc7c17c221392Virustotal results 17 / 61 (27.87)Heodo
2018-09-27Billing Invoice - Job # 0335283.docdoc80886b0cf828f377aab65d0ae0834e5d63804224db9478be7f865d7171a72054n/aHeodo
2018-09-27Invoice.docdoc01c438a829e555ffad2a6e27f6e9a7b9fa988169b372c1c2c4c6a970454515aan/aHeodo
2018-09-27Invoice.docdoc38498522f07f7a5b5bb30145d837e56ca2b49277dd6d3f75c5bac56c8a7958efVirustotal results 30 / 61 (49.18)Heodo
2018-09-27Invoice # 88O2022.docdoc0ddbd8ea72ad8ec5c6c6fe5c1b718e7e2c4a8627f9fcc83f9c08b0862968c267n/aHeodo
2018-09-27Latest invoice - 344349.docdoc91edccc40d05318ba9c03d7f83380537deb294a532b5a5bda3e3e14ef00fb627n/aHeodo
2018-09-26Invoice.docdoc8be3161d77a6646362b962572d46fa534edff961819bfa383963a2f740fc76c6n/aHeodo
2018-09-26New invoice 1WVC9268.docdoc848c43755d6a78a643369027790f2b1d562a51377e202bc8129bf2f166a46954Virustotal results 17 / 61 (27.87)Heodo
2018-09-26Billing Invoice - Job # 288217.docdocf6c3709a39171eb8fc4c5bb19febbbce0f7e99914badad182e2ba629da016e37n/aHeodo
2018-09-26Customer No 900600.docdoc8c36388b25f3abf9028b588a86e26d045a50f2424d3d6dc4cfa4694ffe48b21fn/aHeodo