URLhaus Database

You are currently viewing the URLhaus database entry for http://fsastudio.com/FILE/US_us/Past-Due-Invoices/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 92667
URL: http://fsastudio.com/FILE/US_us/Past-Due-Invoices/
URL Status: Offline
Host: fsastudio.com
Date added: 2018-12-11 02:55:40 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2018-12-11 02:56:10 UTC to abuse{at}serverius[dot]net)
Takedown time: 8 hours, 51 minutes (Good)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
