URLhaus Database

You are currently viewing the URLhaus database entry for https://www.fleuve.tk/wp-admin/statement/zfkdtqgff/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	414049
URL:	https://www.fleuve.tk/wp-admin/statement/zfkdtqgff/
URL Status:	Offline
Host:	www.fleuve.tk
Date added:	2020-07-17 15:42:13 UTC
Last online:	2020-07-18 02:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-17 15:44:02 UTC to abuse{at}amazonaws[dot]com)
Takedown time:	11 hours, 5 minutes (down since 2020-07-18 02:49:03 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-18	DOC_PO_07182020EX.doc	doc	75f0d4945e98a3f8bc73e66436cc437061ea5f38510e7e554d6b26617460b74a	42.62%	Heodo
2020-07-18	FILE_MA6744442789KV.doc	doc	0321dcc5d416f60aa5a24e206e06a2f787dc3021fa9a4589508637668f25c892	n/a	Heodo
2020-07-18	FILE_CIW_070120_IZP_071820.doc	doc	372a312952d5f8a1df0b77bdeee39ad2b4bb16c3d04b12fee5575e0d21204610	41.94%
2020-07-18	VY3819609629OB.doc	doc	66341377204cc1f59817b6449fb99384c8d173153ada7a859a907cce12bbc54e	n/a	Heodo
2020-07-18	INV_15295926.doc	doc	235905e0f1e943ece9739738d7eafbe365d0b86d3e8c80453056e6cf5f94df17	40.00%	Heodo
2020-07-18	INV_ZG4335856602JR.doc	doc	e9cdb9eed210e1ef9fef04891b1739922b435e2ca30c9dd18cde8d79c4c25c4f	40.68%
2020-07-18	69399767.doc	doc	306d6c3978c7ab7f9b4453ed2901b3c250556695dd0f2b9ae7d4e361bf33c9a2	39.34%	Heodo
2020-07-17	PO_07182020EX.doc	doc	1d5a17b767d9159f1c285fe3291b2c3914f5f02d996e093fdd0187727e7c95ac	37.70%	Heodo
2020-07-17	INV_W9TSBBCPH.doc	doc	8336b8c1e755f2f490572d7be01321aae42ecb94822deee84a78a0d28a4f3fc9	n/a	Heodo
2020-07-17	BAL_PO_07182020EX.doc	doc	5f6d8525a28494c7eda3df2fbb04bcacc9ec20abd2884a8e690d91a2de033807	37.70%	Heodo
2020-07-17	04659383.doc	doc	80fdf1be057aeeffabf88cc551c7c54430259f75b413391064642f8217eefa36	n/a
2020-07-17	FILE_RF5019236984WG.doc	doc	9733e04aff3f386bf6dddf3dd39186c03f4d4e5a842b85898877bc75202125e3	30.65%	Heodo
2020-07-17	RF2273684776RI.doc	doc	57f9025a6b2f793ecb441fead80f3443ee2423ee3e1a273fa7ca7910c931cd80	29.03%	Heodo
2020-07-17	S_MTH_070120_NRI_071820.doc	doc	93a32c3e66cbc2cf825f94cbc698cf9f2bde89f46cbfdae33a83f009b6eb6cf3	28.33%	Heodo
2020-07-17	DDOJ_PO_07182020EX.doc	doc	841439a2ad14784959d57c8b1ad8fb09014fbb03b41aedee51947e8f31e5c4a4	27.42%
2020-07-17	XU_PD2509931686LR.doc	doc	973b004896e71141aa2b073101a02712ba7cf9d9c15ed7371a338d05ec725106	27.42%
2020-07-17	L_61195307.doc	doc	b232aa9c0f20263cb714d75fd663a826ccb2c6987fcf62b815f39a3f111a075c	28.33%	Heodo
2020-07-17	A_PO_07182020EX.doc	doc	d1a117224d6084e8c49f1dec45be3d1bc2227f21988735f86d9e9c9d4a2a102c	27.42%	Heodo
2020-07-17	FILE_95242039.doc	doc	f441acc4d711bcbbdf09e71a85e3c8e18b635bd1b20fcbf6a86432ea328a7614	28.33%
2020-07-17	INV_PO_07182020EX.doc	doc	025407d7f9f039213a4739d987010429db7b0ff963f996c2f5486f4baad2106e	27.42%
2020-07-17	REP_VUO_070120_EGS_071820.doc	doc	af29da688320e9dd533fd56f53aa58a024797de685963ab6a4b570757e78bb93	27.87%	Heodo
2020-07-17	EW7627164102RC.doc	doc	c6badf36e62ab0ca9dc26a615191e6a75be2cf68890349bca490ce9c07f7855d	27.42%	Heodo
2020-07-17	BAL_CS5491322504UZ.doc	doc	c1897c410a839fa5e18b492ba4b120752f8e9aa18c63b45ff2b62df7a02fd5ec	27.42%	Heodo
2020-07-17	51106263.doc	doc	039d3c16562212063e5d5fabb2cbc3c783f134c0e073a13c900d3d0aa2904bb7	n/a	Heodo
2020-07-17	BAL_ZMY_070120_KVE_071720.doc	doc	10ec404f1a061e9911313932f279e74cd87c7d00f077f2461a0efb413687ace0	27.42%
2020-07-17	PO_07172020EX.doc	doc	443db428583d6cdc78e5b36275f584a95900cea3318fe31c41025d6800f72392	n/a	Heodo
2020-07-17	DOC_LOF_070120_XDT_071720.doc	doc	9b9318fde51ab32fedc80fddd35a8a803afc91d702725e36fbdb12ac0f9cb92b	n/a
2020-07-17	LQ7844290377XS.doc	doc	087e866a6e659b16153a3ad2e219c7ef4b9f4c64703fa87ad1942f582c6dd5ea	27.42%	Heodo
2020-07-17	G_OHB5G43I5QZ.doc	doc	916952ee03739b67a15604a644771826cbc68d6134354e8173f79dfd09466b6a	24.19%
2020-07-17	INV_OG6L02MLD73.doc	doc	1a209526bbc903bb6426ae3ff33f5db71d4241c1d9ec1aeafbe484c07681e315	n/a	Heodo
2020-07-17	IQ3087755816TB.doc	doc	5a6fed1e3fbaf23508b2010143e2fbd9dee8b98f118b8cc1d8ef4208cf8a7fa9	24.19%
2020-07-17	DOC_XRW_070120_JIW_071720.doc	doc	d5606359c71b5217e35ccdb928404788494c2ccbdc3cd2d4026bed510628caec	n/a	Heodo
2020-07-17	PO_07172020EX.doc	doc	5d120f70cd581faa4efdf88f603b50b4b50131d95874ab20bdcaee60772a9a99	24.19%
2020-07-17	DOC_VFO_070120_OKC_071720.doc	doc	2447c611ac0acd22de827a810eec268a381f97d1ba492126db467c44839c6bc2	n/a
2020-07-17	2050594918354437.doc	doc	17649aa7c5391a0f362e6c8f19665ad418b3ddaa2fe2924d455674760721d0ed	25.86%
2020-07-17	42477534.doc	doc	1f9da8d9c9ed9e611f84ed4fddb6280272435ce3d7cc0d132c9cd031c89c7be8	24.59%
2020-07-17	Y_PO_07172020EX.doc	doc	bf72069bdf671e14c551ae12b4b287ab44dc12df4096be4506cb9602154c5421	24.59%	Heodo
2020-07-17	X_LEYITODS.doc	doc	5f0f010296e1e7a326946c127d5305a3a343393b152e146b630fbe76cf6da98b	24.19%	Heodo
2020-07-17	BAL_226035978053134502076312.doc	doc	41b8ac21a20b9d25790a7d7960b95c1c918eb5dec2a6859d57963db63ffbbe26	24.59%
2020-07-17	14543023.doc	doc	e52985c0c74b8e3bf541427378c916e3cf44a789ce7647a6a9c558c05be8c535	24.19%
2020-07-17	FILE_1132300680722.doc	doc	670d90ba6f5742258f18c603da7ff6625fd2a17da2b37d76710a7494cda1020d	n/a
2020-07-17	0IMH6LEPJ.doc	doc	eaf63cfd8797d8dc37a5ac57c57a7a199b53fd23bf6b6b7dc55d8ce3b4e765c6	24.19%	Heodo