URLhaus Database

You are currently viewing the URLhaus database entry for https://critical-thinking.fr/wp-includes/D337bsaxwgioijACjsxWokN/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	769910
URL:	https://critical-thinking.fr/wp-includes/D337bsaxwgioijACjsxWokN/
URL Status:	Offline
Host:	critical-thinking.fr
Date added:	2020-10-30 15:36:04 UTC
Last online:	2020-10-31 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-30 15:38:13 UTC to abuse{at}online[dot]net)
Takedown time:	18 hours, 2 minutes (down since 2020-10-31 09:40:28 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-31	TV_GI1VYL9.doc	doc	858159295a83a85ce85a8e18a4398873eb02dfa32012325f963ab2de57c8c0aa	56.25%	Heodo
2020-10-31	list_AY2509558406EM.doc	doc	4ea3b44401112b07c8579bc245bb22ee9c40c153200538038bb8bc8d53f6b632	n/a	Heodo
2020-10-31	P_01951626.doc	doc	369deae0aea3bfa6e8367f494d149dffe4c9a5f821bd8270c06016f0e6923227	52.38%	Heodo
2020-10-31	Untitled_12866978213.doc	doc	cdb79e413c85c2fa4724ac77b430ab5a6a0c770f7f6a640fec00d946a93f5e09	53.12%	Heodo
2020-10-31	List_XG9732670644IS.doc	doc	2cb36ff671181007c49a60cbbafe936340f4465bc46d3451c5ad6cb8086a4eba	51.56%	Heodo
2020-10-31	Attachment_NZ7165561857LV.doc	doc	0ab261e8e21a48f3423dbe6d18512f5e2afbd09fd31af5d5c45d2814c2c709af	53.12%	Heodo
2020-10-31	REP_893210744602090.doc	doc	96636e8803958a85be6974b0fc6c91e24526ae529a00c31dcfdbf3ed761c5304	53.12%	Heodo
2020-10-31	List_MH0063128301KR.doc	doc	5f41c6d26db569d644da86fdc71dd2448e2850998f476944b09e1338411210f8	53.12%	Heodo
2020-10-31	MES_BYH_100120_PWD_103120.doc	doc	b104e5360f8f17268449e97ba36749b921cf7cdd797fdb8a28ffe20d8d9c59e4	54.69%	Heodo
2020-10-31	Untitled_NCS_100120_RDC_103120.doc	doc	3f1565ba4e9c93cf71b5b5a3f3b16869e7c6a7d86a837a32db34f1f0105e3aaa	54.69%	Heodo
2020-10-31	FILE_93648194.doc	doc	a77843eba99adffde7cc22482865a6e64cd0217a4779ec035d11d060982996e7	53.12%	Heodo
2020-10-31	Untitled_88505654.doc	doc	d0173484a8073ed5336acc965770f3875b704785bf08f59a929f20c65512e1fb	54.69%	Heodo
2020-10-31	BTQ_100120_HBQ_103120.doc	doc	a914d86d2a97040bb1c91827828f9ec8e72e18d73ca90d884b5d385e4c9793f5	53.97%	Heodo
2020-10-31	doc_LEX_100120_RGI_103120.doc	doc	9c96edb7b23fe316d7ea6705b137c283da2aba4f7dab4537a681e7e5d031b0ee	25.40%	Heodo
2020-10-31	Untitled_SXE_100120_QQM_103120.doc	doc	4eabd4dcb81c28e86bbfd9ac62090d51aea5a733c96a8f3a7ad130a9841bce71	54.69%	Heodo
2020-10-31	Arc_27343618.doc	doc	26b30e58ed2342d042367ba0487873439d5c9c28920ddd000bb94b3eac79d94d	54.69%	Heodo
2020-10-30	INF_56666460.doc	doc	9918cf9fc52a9d19fe483b17d847fc7fa23d4fe150c5df91abb94e61e932cf1c	53.12%	Heodo
2020-10-30	Untitled_FON_100120_HRW_103120.doc	doc	621f149c8fdf5abbc449baa3bc86423a799301ca3017950f0b173a6977033e88	54.69%	Heodo
2020-10-30	FILE_56322745.doc	doc	22a4eae8735782a3f12e3f7ee5b6d0839cd7c4a8b91dce6ce27e2414b2e5f817	51.56%	Heodo
2020-10-30	Q_18028295.doc	doc	b79376701bfc97b082e9d8d61f6886b399692a2b154c6095559ab1da86e4c518	53.12%	Heodo
2020-10-30	Attachments_WCR_100120_VGD_103120.doc	doc	5041a2eae4b04f23df9804031b3a30e815e0c2310bf42d82176cb89618617933	55.56%	Heodo
2020-10-30	doc_PO_10312020EX.doc	doc	20a348277c58a86bab1a218fd2dc97ea61811eeca81bbab000bf5f0afa562b36	51.61%	Heodo
2020-10-30	list_96784542303857290431.doc	doc	f2413a07e3362999d85fbab3f6c2fe8f228e4567eac899cd565ad65a2d0eede9	53.12%	Heodo
2020-10-30	inf_34843368.doc	doc	8ead4e972ba536f428fbee5bb8f687ff6a1efdae4456aafb1bbb176b37672180	23.81%	Heodo
2020-10-30	Arc_169861396337583071442.doc	doc	4f6d5190871bdf4ebad7eb4520c7a651e3a2f4d8def1ca783c0efb807bdc7ec3	23.44%	Heodo
2020-10-30	Attachments_PUU_100120_XKP_103020.doc	doc	5a995a547c20076ca1850fead69dba97ce8af344b544648dc463a9a18899da74	31.75%	Heodo
2020-10-30	Arc_CP4858631383JZ.doc	doc	894961b5cd902ae1bd280ad4d906f510e47f2d02fba5fc278823a37eabedcc7f	33.33%	Heodo
2020-10-30	dat_48236999.doc	doc	6270902fc810af901f9685bb0b3251f8cf96445514e9bd288b51d51156701665	25.40%	Heodo
2020-10-30	Doc_PO_10302020EX.doc	doc	5fc665986d6e0e5763554e4d9f9db9ccc61b2c20fc408e955d286a458f622f48	47.62%	Heodo
2020-10-30	INF_PO_10302020EX.doc	doc	b0f3557b0ac948f3137f3cc926504dbe28038ea00d282c81a33fd46b93af1c25	n/a	Heodo
2020-10-30	Attachments_PO_10302020EX.doc	doc	023fdae311195c64889d2c87831a470d7c4826a755cd385729dc6bb02281c4e5	n/a	Heodo
2020-10-30	Dat_75022399.doc	doc	166f3880aa773ce0e75712aa20839d2b0f37315533364e3794401b389579ab2a	42.19%	Heodo
2020-10-30	DOC_780862517.doc	doc	b75935a097651bf38a480763eb4c9973e89974666e00bb021c25e21b7932c0ee	42.19%	Heodo
2020-10-30	Mes_76333071.doc	doc	578a7143a40755b7d7601a1b0e3f660137971473556e817d2a0e2ca57bc91053	42.19%	Heodo
2020-10-30	53024471138848106813.doc	doc	33478c951541dfc62cd1b974afa9e6be46b51b140a5228aa4f34f417a17b8a64	42.19%	Heodo
2020-10-30	File_OAB_100120_HOF_103020.doc	doc	0b8a8e7a53d7fe5cfe16dbec4b9d21361ce7f6eb2f21c9ece0c5fdea89d09b74	n/a	Heodo
2020-10-30	MES_IUA_100120_BFB_103020.doc	doc	2c35c7c2a35e6c0d057d6a29697d6caeab76363a0040219edbed385309cb15f6	42.19%	Heodo
2020-10-30	arc_RQB_100120_NIE_103020.doc	doc	9121a79689d2a88dad9bce32476217b48aa14ced73ea3ea2394760e2da314d15	n/a	Heodo