URLhaus Database

You are currently viewing the URLhaus database entry for http://creauture.com/Update/Document/tcFLeJ2BUCFtxBmhjd3/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 757377
URL: http://creauture.com/Update/Document/tcFLeJ2BUCFtxBmhjd3/
URL Status: Offline
Host: creauture.com
Date added: 2020-10-27 17:37:13 UTC
Last online: 2020-10-30 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-27 17:38:04 UTC to abuse{at}mschosting[dot]com)
Takedown time: 2 days, 9 hours, 51 minutes (Poor; down since 2020-10-30 03:29:10 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
