URLhaus Database

You are currently viewing the URLhaus database entry for http://treatwellonline.com/directions/oixeGsPCBaTiJ5KLEDVhZeGTTHnnGL4CkLVrAe0PrFSX1xvPwZVuCC5qwHBjK/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	936742
URL:	http://treatwellonline.com/directions/oixeGsPCBaTiJ5KLEDVhZeGTTHnnGL4CkLVrAe0PrFSX1xvPwZVuCC5qwHBjK/
URL Status:	Offline
Host:	treatwellonline.com
Date added:	2020-12-22 00:27:11 UTC
Last online:	2020-12-22 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU003188181 created on 2020-12-22 00:28:22 UTC)
Takedown time:	19 hours, 35 minutes (down since 2020-12-22 20:03:59 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-12-22	FHN32LOA.doc	doc	755b0648467884ea407cb2be70ee59bdff597edec6e149816e553134e25aaf54	n/a	Heodo
2020-12-22	ODY862OOZWX5V7.doc	doc	fe3fc65fb1e96044ac8d1bc675d4abb6956734dc2e446aa2d073c2808365f6a6	19.05%	Heodo
2020-12-22	F0RKZQ.doc	doc	282e189a38374ce617073f353580971897a17a1eae677743234fa85c73cb5225	19.05%	Heodo
2020-12-22	XAOEQETWB.doc	doc	8d0a380012f874d975499d45632b01438dc0e7a4d6bdf4791c400e375b02acb4	19.67%	Heodo
2020-12-22	07UKHODNCJBMP50F.doc	doc	fabd2798310f1b90dc1321bffbfa1ee8c41695839459d40fd6e32618d3df7ccb	44.44%	Heodo
2020-12-22	FP8GDX394.doc	doc	7bf5d728fcd19d3df1127a4d8648cd870c5d123ce9ea4b10eca54cbcd18e10af	43.55%	Heodo
2020-12-22	VI7RH0.doc	doc	cf6c363eb34d0c34ebdf5b4e79c44e7bbf6a2831b189f929102e3da045fd0b26	n/a	Heodo
2020-12-22	8P50AGNI.doc	doc	b4c07579191b925b8d588484fde55e5ff1e83e7b82f482d041b8913d1f2d7485	42.19%	Heodo
2020-12-22	X2ZDEMTHGP7SH.doc	doc	0bf21df6643e15a9eadc034f6e7bb35aa9d1b1433bad331c1944fe60418e23b7	n/a	Heodo
2020-12-22	BF9MIX9Y2.doc	doc	a85281de5e12bffcd8f98cb6280e13cfd6223c6325cffc92d80ee618c167bc2a	34.92%	Heodo
2020-12-22	0QOFE8USOJ71FVF.doc	doc	02da530f198d747d124f0554938c6718e94f78528286171a3a3298e4eee488a4	36.07%	Heodo
2020-12-22	JEDWC2V74J3.doc	doc	30fcb0b638fa78c9ec712cfdde89641c5d6a6ae28c3bd1fa75b29f9b78855721	34.92%	Heodo
2020-12-22	IHOP9G1DLQRBK5.doc	doc	110c702523b61a449c85889be0f1f3a8b2c0375bc3de47eb9051189eabd03445	34.92%	Heodo
2020-12-22	3IX3PDG7NIRQ.doc	doc	7ec200a834392208ae8521c4804d11ff669137b4265b732a17660527ccf3cf36	36.51%	Heodo
2020-12-22	GBDK30IRHVWB74.doc	doc	0ebdff0201647a1df0ad578dcdfff8ca9e91c379b6183c53845de8e226b95c39	36.51%	Heodo
2020-12-22	GTBMQCE.doc	doc	d1f80b7c07e821a23ed98aea9fea39b3cb0c0e9dd65fee3291a32c01a8086659	37.10%	Heodo
2020-12-22	HC8629MRX.doc	doc	bf71d36b2ba7d0198a2bebd6c351f932fba9da682a76a354de6b798db426a9e9	n/a	Heodo
2020-12-22	T1HQVRZAT.doc	doc	7be2388880d2ad20b0cfa616a726d7c91d2904da8f3f8ad4d2236d3c79e935fc	n/a	Heodo
2020-12-22	151TS3F95.doc	doc	8d81a91518edb9064843167a920609e56978183e85642ee805484047d2629808	n/a	Heodo
2020-12-22	0S63J2TCEE7P.doc	doc	1ebb0eb36a2dba1d5dd9648b8e96e8e7c03fb0cddae7d0060ad0aa7990f5dcef	n/a	Heodo
2020-12-22	H5D8CJ.doc	doc	c15afb6bea1845209d106cfeac84add67d50b3498380a28d7bb6fb47f1b255db	31.75%	Heodo
2020-12-22	29Q8C001T6LIK8M.doc	doc	9720a3e0e322e5daf89a2d48916ae17a8d58eadcf34fdbddd7955ecf2d7007e8	n/a	Heodo
2020-12-22	BADA6O1EB5.doc	doc	3ffaf475cb8655c59598f2c4591efaf0b153a52173bfb3a63c238008edb72201	32.26%	Heodo
2020-12-22	DRMDK7D81L7Y.doc	doc	10b2c41404b05b905ff8ca14da050e9a25a7c6297bddb80244d9cd437fca5072	n/a	Heodo
2020-12-22	0FHLSTNS7K.doc	doc	e18f34fd2b761c5ff699a3bb1e6bf4fa2f9d43f91cfc0ff44794e8ae7e4ae926	n/a	Heodo
2020-12-22	4LUJXFKUKPGZLIPM.doc	doc	40662dfab1c2354498969010dcf09c1998267de262631c1d19b8b7596278d92b	n/a	Heodo
2020-12-22	DY7Y5MLUQJZ5.doc	doc	5e7b5f66817d31d512e968c0de66f4f686e74249facf010c218e49ee144c57ca	n/a	Heodo
2020-12-22	0WWEPB6WUMYEU.doc	doc	d891344c9d8a55fb3c94ca53e96c96b05a56789cf097d10b30e9f0533abb1665	30.16%	Heodo
2020-12-22	EB7XW7SAT77FA3D3.doc	doc	fed94c0a35c3aee2ff982f1f4001348cd2f048009efffc9676fcdb1ad6ebc374	n/a	Heodo
2020-12-22	3JT84DCXWGM1TV.doc	doc	8c609a2a6e8a0753a2e8749e054a04f699c4bc379523bf3029413cc4f61163c8	49.21%	Heodo
2020-12-22	VBO1GEKNM64RG.doc	doc	e7089d2cfc740d86a12a70fd5c0277858daa9ab9083a4b01b2ff7873274b6d17	49.21%	Heodo
2020-12-22	9WLRXIITMIKUK.doc	doc	7f0db28f42defa949deca1a03ba0d33617c04b5e114e187e9b65b67639d750b7	n/a	Heodo
2020-12-22	NA1V406A5N59J.doc	doc	99791db1cb487d25ca3160836589adcad5fc57a1dceecd3cdc82ecbee51716be	47.62%	Heodo
2020-12-22	PVQEJH4VG9ODX0.doc	doc	419de57605bb9474687edcff1207a053c0da9c08c58d7ad4671981603cc08743	47.62%	Heodo
2020-12-22	3NYJ3026UU.doc	doc	716592916c6f39ede3e673f03bfadfc09349bf29a45ad31bdd83faa58b0efc0a	45.16%	Heodo
2020-12-22	FRDF682PG.doc	doc	2e9ec962d345ba4cd081dc1bd3c89f72f8e52fa86cc06152f1cab0ead72042b7	43.55%	Heodo
2020-12-22	95U45PR4H.doc	doc	cff7b2d4fb395de88b4c8494f75e925c14e735c01f9a79572938f9c6c7f590a3	n/a	Heodo
2020-12-22	X4K6N93GRQ7KQMZW.doc	doc	a02591c24d3c86f54be79271c7ec7e679141ae9245b3ac62da5d6f382edc0880	44.44%	Heodo