URLhaus Database

You are currently viewing the URLhaus database entry for http://vol.agency/wp-content/5guw5brb6e9j5r-ss1y4tqdwg-module/additional-warehouse/5366813583282-XkLsANtcGFGrGvMs/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	307653
URL:	http://vol.agency/wp-content/5guw5brb6e9j5r-ss1y4tqdwg-module/additional-warehouse/5366813583282-XkLsANtcGFGrGvMs/
URL Status:	Offline
Host:	vol.agency
Date added:	2020-02-04 09:22:10 UTC
Last online:	2020-02-18 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-02-04 09:24:04 UTC to abuse{at}kryptservers[dot]com,abuse{at}vpls[dot]com,abuse{at}krypt[dot]com)
Takedown time:	13 days, 22 hours, 21 minutes (down since 2020-02-18 07:45:45 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-06	Rep KTV67904.rtf	doc	71f46630f6de4f24b035f374af8e43a6072164d3deaee02f9d6da6dc9267107b	21.31%	Heodo
2020-02-06	file 2020_02_06 319759.doc	doc	d0ba1020328bfa59129c6d94b6bfd8979bd652574b24407bcfdadc75fcf28fb4	n/a
2020-02-06	ARC-D32736.doc	doc	5c3ce056d5c4c031e62f29306f27698d258d673ab890eaf2c2bd06487933aa00	n/a	Heodo
2020-02-06	LIST-2046653.doc	doc	84e6bb18fc4d5994987feb9edc02eaaec7cc0988b27845fb8735d3c45591e5cd	31.67%
2020-02-06	ARC 2020_02_06 134.rtf	doc	702b22d598064f664dd6fbf97fb50364269f0215cbeabf867165861dd0b7d82e	32.79%
2020-02-06	Arc_2020_02_06_IO733526.docm	doc	9005832cf404bc1202dcad8865b5250a9826f2fa18a6e23ee0a7e705c1d63ab0	33.33%
2020-02-06	Inf_2020_02_06_QQK82240.doc	doc	74491fc6dd7ba85729f150a091baf5019a4a9cfcfa8e7bb6d450c9edf7762fb3	32.79%
2020-02-06	dat_3046.docm	doc	77016ff9da8e219908f060ccb135597a6d365ce13a53cb4f40e13ec91bbc37b3	32.20%
2020-02-05	arc_2020_02_06_Z1181.docm	doc	335e92129e141d12928fdc17fbb6c1dfe8b6fa59b2ff2a4ad0c60f4f0637ee83	27.42%	Heodo
2020-02-05	dat_20200206_PB815757.rtf	doc	8f2fbc53d8f8bdf05da88e924c8a768a3553ca543aabe034572e0b0f2b38486a	26.67%	Heodo
2020-02-05	arc.doc	doc	c1d36e9aab2030f23a10178cc432f92255b74c7e2382840bbae1ad7c099e97a9	26.67%	Heodo
2020-02-05	LIST 83612.rtf	doc	23f4a774007e2fc64a2824e5973bb695a64667d8d832fbc29806976dad67d7f7	26.67%	Heodo
2020-02-05	doc-H050.docm	doc	47ca3de0e80a4e9571311ab0b2470ecc29d18c990b063b57aef1818e5a3c260a	26.23%
2020-02-05	list 2020_02_05.docm	doc	c0b9c90ce017a4e5196e744c7948464ff57431da4a1d820793c5aea57cc0a095	n/a	Heodo
2020-02-05	Arc-20200205-YB012.doc	doc	da0b1e331a89bd28e4338a886d224c01e9194a764a6ded30bac8b16670a589b3	26.67%	Heodo
2020-02-05	list_2020_02_05_WP89537.doc	doc	20b603562ad65e466c27733e3ba8368c3ed83caeec165555f4a935ed0cc6d4b1	26.67%	Heodo
2020-02-05	mes-6394.rtf	doc	f4dbeab20387f793a3dd0b39d717b27c6787e02951aa4ef7cfeb0d156b75697c	25.00%
2020-02-05	ARC_2020_02_05_6928.rtf	doc	6228be42f808ff1c2d59dc6df839b24c07a9e9640fffea33d21e69f3b2765a69	n/a	Heodo
2020-02-05	Mes 2020_02_05 8027654.docm	doc	e017e89646b0d091bc67504f4318ea078b5a279edd898f418ff735e40c432e28	25.00%	Heodo
2020-02-05	inf-GL859167.docm	doc	4a45120dce1cd34a211f66e94d6a16a0e567d8aa85527c6fa830f99691cd1816	24.59%	Heodo
2020-02-05	dat-2020_02_05-039006.docm	doc	6552a6b01beec690c8ebf79b58d1397c3e9449e2d59c4f17b1d0e24415fdc05f	24.19%	Heodo
2020-02-05	INF-YAZ537679.docm	doc	add57fd6782c427fbdbab1e52f313746c594f78a352135f6961c6e7d3d9ea2f6	24.59%	Heodo
2020-02-05	rep_10559.doc	doc	8da9b64f05685802f69618feda838a3f4331363e5e7ad48cc004353b8a4dac2c	25.00%	Heodo
2020-02-05	FILE_20200205.doc	doc	49935d065197043a5954f5c0af2fde686f0dc8e83a648ca5377b249246310dde	36.07%	Heodo
2020-02-05	file 2020_02_05 525861.rtf	docx	3c0292963e5af1dfc8aa14b1b0408c3d3e0873fde4dd75962bd380b5aa67eb36	34.92%
2020-02-05	File_2020_02_05_KP660303.doc	doc	e96b3b96851ad8f49fa155f44b5dad11bedded8a6c96898fa814e872822f3eec	35.48%	Heodo
2020-02-05	arc-20200205-RHU766102.docm	docx	a464fbbd0fd6eb2e09bb5c04dd46379d3cf1c4f67eeb3f4e9f0b9f7896a2192f	n/a	Heodo
2020-02-05	LIST UD7239.docm	docx	ab25cd8065a0df8608fcd69bd29689ae7657b263b8290a459052ff0cfcac3951	30.65%	Heodo
2020-02-05	dat-2020_02_05-727.docm	docx	87bf983815a7bdfc6fda722fa02b1adef0c064fc60a443faed053662ba92a74f	32.20%	Heodo
2020-02-04	MES-2020_02_05-107987.doc	doc	f2d5330b5aa423a1c21c6f960154447080fb0b6a7747307519ce8d57a310d1a0	29.69%	Heodo
2020-02-04	File-BH721922.rtf	docx	f189891eacbacefcd510376ad44060a48962b25cfabcdd82b7845acdb512bab8	n/a
2020-02-04	dat-2020_02_05-81759.rtf	docx	ec4146a69e81f690514da6199f759c184964dbe031f6ca7850b4af5d0d365150	36.51%
2020-02-04	mes-2020_02_04-O9247.docm	docx	cf00a0e13bdc326ecf08bd0238ee35c3600642133c7f84f69b0434aa63bfa291	32.81%	Heodo
2020-02-04	Doc_20200204_5369.rtf	docx	226e3d9397801a0c20fc12e65373887d6b8e32d5d47ea818a8b891be4513e330	33.87%	Heodo
2020-02-04	list-2020_02_04-7668.doc	doc	b652230d0ab5eba2fd05573b7ef10013f6563c1bb9f64d5f5106b15cc8a5ade7	31.75%	Heodo
2020-02-04	rep_2020_02_04_1279.docm	docx	265e4a2697fbfecc43edb76419d9e4a8928492d01b548cd7d6804226d6b2a593	37.10%
2020-02-04	mes_A82291.doc	doc	786563efb876e891aa804967d96e0a176417ad2c731e93a1fd788cc7d15d57a7	37.70%
2020-02-04	FILE_20200204.doc	doc	b12a41580ad93b35de12d010debbbec2825ebb5154ffc8142ca41497ec0fad7d	n/a
2020-02-04	file 365.docm	docx	8abe3476f2e6ec41653192f2adc6b6095371ddb2fa46044e4e8644c6e5d9694e	36.51%	Heodo
2020-02-04	Mes-2020_02_04-L269526.doc	doc	167323f590c8eea01e897581a3de8e00606c176ff6518fd3ac0a3d64dd2e7d9a	36.07%
2020-02-04	FILE QYF557654.rtf	docx	4797cddac2f4b88206c147e98842f78fb081f26db474df81a02a7a05c59865be	n/a
2020-02-04	rep_20200204_732.docm	docx	66fbfabc52fac899652f0e490be589ec3d3c5d3cf233ca24171ab6d8ff55a50d	34.92%	Heodo
2020-02-04	Rep-20200204-UU542803.rtf	docx	29d71c405f029109b5b6a5eb51f5f957a706b5130105c3abd7e3e97cccc66c2d	36.67%	Heodo
2020-02-04	rep_2020_02_04_43638.rtf	docx	7b505f95b1d52aa65fc1d39522a6928b5978d4f8c24b435ee76f64a411fd0404	34.43%