URLhaus Database

You are currently viewing the URLhaus database entry for http://agriex.ca/fsly/9/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:726551
URL: http://agriex.ca/fsly/9/
URL Status:Offline
Host: agriex.ca
Date added:2020-10-21 01:41:06 UTC
Last online:2020-11-01 20:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-21 01:42:12 UTC to abuse{at}alchemy[dot]net,dnsadmin{at}alchemy[dot]net,support{at}vitalix[dot]net)
Takedown time:11 days, 18 hours, 19 minutes Bad (down since 2020-11-01 20:01:18 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-22OH2723943152CX.docdoc e2e2fc35c9bd68222d8b6d5f8956a22d89314dd8c3eab9686f3b069b37602520Virustotal results 48.15%Heodo
2020-10-22BAL_4FR32DU9OUILVN2.docdoc 7cd6a76199b264747b5a649c770e2ba84a31960ae8ebf52b5bfceeac50a97676Virustotal results 44.26%Heodo
2020-10-22FILE_DQKAO1TZF99O8D0F.docdoc 00b5ed9d27b648625d7d287b5073938811a0a2684b6ad6351ca8b0e0cc5f1a54Virustotal results 43.33%Heodo
2020-10-22DOC_5567500915676948722299383.docdoc dd055276d1101a557a37395ac268b9bae8e80f89011d5c312f41d77128ac7898Virustotal results 45.16%Heodo
2020-10-2285672286.docdoc f3bdfdeda759d384ba2dfe4792bab80ad4aa7354badad324c69e0f4c095cdef2Virustotal results 45.16%Heodo
2020-10-22A_PO_10222020EX.docdoc a38321c667c6b33ab54aa7a5af2f21aab5771ee420032b140ada803af1dc368dVirustotal results 47.17%Heodo
2020-10-22INV_97424805.docdoc 907f854fc6521eb1d37065fd3e9fa203e1370cd9d176f1fbbaa961139c9f19a0Virustotal results 45.16%Heodo
2020-10-22O_TECK58F4KP.docdoc f39d13c26959e06eb9aa04ec31a8822178439aa7347af0f06173b5a6217c5102n/aHeodo
2020-10-22REP_QFYXZH89.docdoc ed5ed9c256dc24f5aeffc1b9b0e7dba316c5c13a1966b7243770318805567ec9Virustotal results 44.26%Heodo
2020-10-22T_JAQ_100120_QNN_102220.docdoc 53ce991a6af876309c419c3008a3863cbcd68f4b1020a07293d0c17aca9eba23Virustotal results 43.55%Heodo
2020-10-22INV_09471249.docdoc a78a2682db9e96335294df8912a7cd0a843bc011ae898a7fc211f79aea919fa2Virustotal results 53.23%Heodo
2020-10-22INV_RKI_100120_CBX_102220.docdoc f00791295a21f7fea2b5a3fc6f14be08b6182388080f8e0666bc87ef8201a362Virustotal results 50.00%Heodo
2020-10-22TKAONMJG4EG3YWB.docdoc fe8d90884de697451ea446a5dfd254041d252229a8a17175f11f77486dcdc4d4n/aHeodo
2020-10-22BAL_68527OTH5J79PL.docdoc 7b89c410abec246746b6cdf315ae9239982f1a31e0a7629d46fa1e0dcbe7329fVirustotal results 46.67%Heodo
2020-10-22GTA_100120_ETZ_102220.docdoc 5216126689ce29d0ead65c0774e9b395ade4b5c2ce71e69d464f3a603a22bdb4Virustotal results 50.00%Heodo
2020-10-22514765355014652.docdoc 486ec0b6be1825886bf09579218543b12ad5ee75da313f4aefe0f9ad0b027f89Virustotal results 47.54%Heodo
2020-10-22DOC_PO_10222020EX.docdoc 0e04f78f02f0f9fcdb39483727feb5378dd09035b80679065c5a4b43687170b5Virustotal results 49.06%Heodo
2020-10-22X_PO_10222020EX.docdoc 2622c411514e2ebeb404ff72a11abb8b36da194d0f09dcc95869802a01cf4a20Virustotal results 46.67%Heodo
2020-10-2215542846985792307833766.docdoc 29747a11e9ffbd0668f9b880137f1051a27677c4f3bf0a17ead5299fb5857946Virustotal results 46.15%Heodo
2020-10-22FILE_71171386.docdoc 7a9d24e23c3cd1701c2de8826db43aa1dc7d2b73c6c4fd50f491276725a2ad4bVirustotal results 46.77%Heodo
2020-10-22H_123229261685833.docdoc 8cf9bf37fe3de456cee48cd50ac6487278290ce4038eee214389512625297016Virustotal results 45.16%Heodo
2020-10-22REP_SUB_100120_EOF_102220.docdoc 2ea760060d8e71ffce91d15fe31085ec999ed299d9d13e35dcd0544f8d361b59Virustotal results 43.55%Heodo
2020-10-22S_MQ8074777931KM.docdoc 95c62759d32e2a426433130be7fc1c17a3d3787359258f3af33f61760463eeeeVirustotal results 43.40%Heodo
2020-10-22UBD_421285231386971822.docdoc c4453119ba010924fa6571eee7895d995ccd52dcc8380f3b65aaa2bb6508290dVirustotal results 42.59%Heodo
2020-10-21REP_VZ0224700839HH.docdoc 3af63f662ad3afb788f4f65538788a97811e2a45d869bf83d5ac6dfa9a2251e7Virustotal results 41.51%Heodo
2020-10-21PO_10212020EX.docdoc 890535144da2084ee8e9431e6521be9719100cc5bec7679a4d7bdce3763a692cVirustotal results 41.51%Heodo
2020-10-21GQ5064931880JL.docdoc b730b36a22a6d6da4bf394e59e3bdb0a0bc32a3adc8fea6f568a58b926a7fdc4n/aHeodo
2020-10-213019880791.docdoc a05b8c753a48bba69740d8514a6250046f4fcbb93897bff83883371513947fd2Virustotal results 40.00%Heodo
2020-10-21REP_47460563.docdoc 5603b9a3314a6d1e9220de7c0d42d8fae17921bf022ea4a8be18d5615989848cVirustotal results 40.00%Heodo
2020-10-21BAL_YM2M8ONYLY.docdoc ee8ef9beac4202e018577996e293215dd2cc1e260bca0ac0a38f9abcdcd4fa2dVirustotal results 33.96%Heodo
2020-10-21FILE_8RGZPASV.docdoc 202d0af84b5b68cf2a54ce8f9afa3befc8f994b934e380cbc1dab9dfdbd11bccVirustotal results 30.65%Heodo
2020-10-21JFAA7MCU6JARZYH6.docdoc 8a2b904ad14790b5a69146c0f573dc2da8adc472159bba2aed0afdfe0a550d5fVirustotal results 27.42%Heodo
2020-10-21PO_10212020EX.docdoc 7949b4d0968d00fc2389b53de17b02be73ad571b4c985f95e0105cd6b39bbc33Virustotal results 26.23%Heodo
2020-10-21MZV_100120_RPB_102120.docdoc f99f175949bd5a0dd1daa81ebbba94b4c80534368ce0192f1886c0babde234d6Virustotal results 26.42%Heodo
2020-10-219394768252240217674.docdoc a2767289b35cab514b56d67ba9c1c02f16035f42f8a1f65307e71cf9d9175206Virustotal results 22.03%Heodo
2020-10-21INV_67328339.docdoc bbc690ca2e25b1ae6cde7c2e084a18e48dd3ea9f2d4b51a27a9dccba0b03ecedVirustotal results 33.87%Heodo
2020-10-21BAL_33018633912364.docdoc 8afe1388f2757e768a8714f2f6543de0464e092f33de3b865b11fa6fcdf38cbfVirustotal results 30.00%Heodo
2020-10-2134762346.docdoc f647e044db03f36251bf4a293d89b0d2272806920917eeb10166f289f3a6a503Virustotal results 32.26%Heodo
2020-10-21DOC_RFN_100120_YVB_102120.docdoc 0ee34b08635cebc909a2b1768d921c645fb1cf94ddf18ada0c4a5bf5f9481bf2n/aHeodo
2020-10-21M_FSF_100120_CBY_102120.docdoc aad3348c28dbb9e0a038508e8fde9f2771e550228320b8ebc0f6cf1d11c39945n/aHeodo
2020-10-21INV_KEX_100120_DZP_102120.docdoc 7fd4239f8f25bb0287746f554cbdffc534ced3346467f2a882722772a9d44d34n/aHeodo
2020-10-21BAL_M9ARJT8XPEP8M.docdoc 4a8ef7b61c8dea7745464f96999dcc37abec856e23e55bc6eaa7ef374a6c1878Virustotal results 32.08%Heodo
2020-10-21X_02GDNMQWR.docdoc 9c9beac25f445712c09a5b1f4601068d13ec9a374405fdd9e37c07dd6d189201Virustotal results 28.33%Heodo
2020-10-21DOC_11670296.docdoc ade7ee034ccce02004ebcf42088a9174448fe99ee93da5cc8c7a34fc42b5d7d2Virustotal results 30.19%Heodo
2020-10-21FUY_ZZ6956944352HF.docdoc c01293cbf44eb0891823207d0b98d05d1074414439d414610dfe04250424c5ccn/aHeodo
2020-10-21FILE_PO_10212020EX.docdoc 1865098fcd518717e48cae856ca1cb02c85a12a37eac4934fe3ec1a7ac2040acVirustotal results 25.81%Heodo
2020-10-21FILE_N2XZ272Z95M3G.docdoc 3c7b26a013548adeebf30936453b373c34b920df67fb1b135775f0ea8ba32341Virustotal results 50.00%Heodo
2020-10-21BAL_67573290.docdoc ecf5ecbbe5e2904306de22bb28532af5b7e0cbadc8446cbb2fa456255683e972Virustotal results 50.82%Heodo
2020-10-21INV_6YRZ9VTGL8.docdoc e6335af6ecbbb9d05de5332fb55088045d8066babe6f9fb4cb05e7097ce44046Virustotal results 48.98%Heodo
2020-10-21BAL_FRM_100120_DOC_102120.docdoc 3f28d23c6650e22fa69d824efc5153fd46fecbbdbd236ae7b4ee15bae4ef556dVirustotal results 49.06%Heodo
2020-10-219H7U1KT79E8.docdoc 7bb0c64469d6f91a86db62a275cfbfa0b6bbf04e10bde77f507649c0adbd844aVirustotal results 50.94%Heodo
2020-10-21O_86750034.docdoc 66ff2845aa49250c6a643867ff07164647006a80a5fadaddb5d41c99fd6b9452Virustotal results 48.08%Heodo
2020-10-21DOC_80866144.docdoc 1c69c8db95ce9e60d2cd1b61601b96a3a5bca68602f2da10fb5cbcfd2e354401Virustotal results 54.72%Heodo
2020-10-21BAL_MKE_100120_VFI_102120.docdoc fdf5102af9db589345a5c7d4e747c98489a7341147058b2a42e337a03fa62baaVirustotal results 50.82%Heodo
2020-10-21UILJR9OITJ.docdoc 9166a4f2e7f6b56512ad7185a5b2930a5ab9c6e592a2def1ee629d5c553d9a7fVirustotal results 49.06%Heodo
2020-10-21REP_0CSUJ1JRQNQZ.docdoc ed628dca8ed590c827cf2e732b0b1555821315553d3f1bb38da11b8cd2da7ca2n/aHeodo
2020-10-21SLN_EX4171592756DQ.docdoc ef31028a7bfb047b5233493c6b8e14ac6fa49ac6d022b6e016a22276a4be732fVirustotal results 46.67%Heodo
2020-10-21REP_36062516016.docdoc d0337f9e3f826764678ff11fd7e2b49a84db21bd33615cd0cc63e6654c502d9aVirustotal results 46.55%Heodo
2020-10-21REP_CRB_100120_NJZ_102120.docdoc a22d83a786eb7f5a04facaabb04117ecb5f8cdf09fcbb8405c0a70c97a51f225n/aHeodo
2020-10-21REP_31898102493217894.docdoc 730dc7281140bb144e159ad27638ff4f4d3a021999727a26b7731250343a3f76Virustotal results 44.23%Heodo
2020-10-21INV_41696695.docdoc 614bbd10017422522d46a734ed08de066834e449d5802b036b0231a39b0c043cVirustotal results 49.06%Heodo
2020-10-2109288698.docdoc afcfe7ff49c2df7f47347c4c49d64ac3f027b1c79f5d090a0daf526fd65d859dn/aHeodo
2020-10-21DOC_PO_10212020EX.docdoc b5f8485da1270855c2866456988ce8010f5c32c69fb19f324859d685e719fa3eVirustotal results 40.38%Heodo