URLhaus Database

You are currently viewing the URLhaus database entry for http://butterflyllp.com/wp-content/payment/awroi7wvs0wldtxnpszh8cnzl6rm3/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:726289
URL: http://butterflyllp.com/wp-content/payment/awroi7wvs0wldtxnpszh8cnzl6rm3/
URL Status:Offline
Host: butterflyllp.com
Date added:2020-10-21 00:22:03 UTC
Last online:2020-10-22 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU003024874 created on 2020-10-21 00:24:05 UTC)
Takedown time:1 day, 16 hours, 37 minutes Poor (down since 2020-10-22 17:01:12 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-22NX2609237261YE.docdoc fe5ff5b44dde8df916f46992574027192d8a8bf4ab36091fcb25905c0afa6afbVirustotal results 40.38%Heodo
2020-10-22PO_10222020EX.docdoc efa1d7a9bc5b3024e086cf73856ad6e8d6c6b5ee6f1d643e259cc6c864b3ddaeVirustotal results 38.89%Heodo
2020-10-22829299193567.docdoc 1398dfcbea47214d59bb327957bac69b2db7c06a50da13399c63aa797fa5fa9bVirustotal results 40.38%Heodo
2020-10-22BAL_QAH_100120_QYF_102220.docdoc 7c71fafca986099769e2024c6dee88d63a8153f7f0b7504bab1b8bf8d9d01724n/aHeodo
2020-10-22REP_AML_100120_GEW_102220.docdoc 5f797ffdf10fea5ee7b50bc74647cac73cfc4cef96e92d346c842e6cf3df339aVirustotal results 52.73%Heodo
2020-10-22FILE_75741500.docdoc dbaabade31310d7ea19505af37f499cb847fd738eda162ddc261e6b75951d8ceVirustotal results 48.33%Heodo
2020-10-22GHI_76858772.docdoc 06dc08ea7da16ee44235f6f6009c538b3db08f6198613fbf8c66be4446da7e6aVirustotal results 47.54%Heodo
2020-10-2267510983.docdoc 81212e2cfa49f33852afa0465e2c4c9fd4a245340e8847009dd5d40bbb0f6751Virustotal results 45.00%Heodo
2020-10-22HZW_3606725569445116.docdoc 281fcb9e82a55c60840b10818420ddbe066733d18c4c275c38d01280d171c8b6Virustotal results 45.90%Heodo
2020-10-22GHGD5U3EC76.docdoc 7eaf0df9dd2a33ee958384a9472366f58f1c0a204360efea6a7f8b0d298560d0Virustotal results 45.00%Heodo
2020-10-22BAL_4006019468998843050.docdoc b86c1f13c4ef248f41ef298808f6597bdda3ad15541943eb545deaee02f4b849Virustotal results 45.16%Heodo
2020-10-22INV_HJ1463659231CN.docdoc e2e2fc35c9bd68222d8b6d5f8956a22d89314dd8c3eab9686f3b069b37602520Virustotal results 44.64%Heodo
2020-10-22N_OOY_100120_CZS_102220.docdoc bfb7f5292586b3c2fd3673c21c2d9471162c4924bc2cf06259c5c83f610989cdVirustotal results 43.10%Heodo
2020-10-22P_3190809442973619.docdoc f3bdfdeda759d384ba2dfe4792bab80ad4aa7354badad324c69e0f4c095cdef2Virustotal results 45.16%Heodo
2020-10-22RN8092833755CC.docdoc 4f927bd188b87a47398f9e9fe9bc9d4ba4d56d813e1c3183c1b5818a82696076Virustotal results 44.26%Heodo
2020-10-22BAL_9Z8QGPG6J1PVCYI.docdoc bb66afe308a4f9aac368840effb767d5fec62db675e7d03e6f7d4b9dc52fd30eVirustotal results 43.33%Heodo
2020-10-22FILE_550316849001875698414.docdoc 0962178a6edd34473ee5ac0f0dcd4ebd1ab30286664db2bbe2782ddbc4f7477dn/aHeodo
2020-10-22Z_HKPD32ECGTI.docdoc a0243a4563a80af248dbb0edb4edf460e9d05ee25685c8ab335a423379b7cbb9n/aHeodo
2020-10-22REP_PO_10222020EX.docdoc 7ea7e8e50ed5f1d982d9e997b05f46be02dd03e44b514e6b214f687eb011605eVirustotal results 45.28%Heodo
2020-10-22FILE_2038316653980.docdoc 79eac1acb26ebc7de50c343fc40ea055096be22d66ee6769c4180cff5a20468fVirustotal results 51.67%Heodo
2020-10-22BAL_557887423116769.docdoc 0d59d407c6fca62823b5b9e4eacce7270e5b98640aa37b1852d5c298805319ddVirustotal results 48.33%Heodo
2020-10-22GS5930021343OC.docdoc 56126f16e90d28b3bc7e4a1460c71bd6ffb7763f79d17ecc274e8c6988c8531an/aHeodo
2020-10-22JLMV9LD57F.docdoc 34b4f674b3fb2522db0c058e836245655b4588f4bd0b35b5c2bbfcc3bc75916dVirustotal results 49.06%Heodo
2020-10-22INV_KGC_100120_JDZ_102220.docdoc ef3eda0a0ce827c44632df7b430f082bf54965ce02293734e942776bbfd2b1fcVirustotal results 49.06%Heodo
2020-10-22H_41847603.docdoc 056f25e8944119ad3d9d651d77cc32cef6621c5cb3498b47161738be7aff416eVirustotal results 49.06%Heodo
2020-10-22PO_10222020EX.docdoc 486ec0b6be1825886bf09579218543b12ad5ee75da313f4aefe0f9ad0b027f89Virustotal results 47.54%Heodo
2020-10-22INV_IDU_100120_PVC_102220.docdoc ff7bc571e097d09b02234d6bef98da4468da5c7dfc197e2cb20f1a00eb85f61eVirustotal results 45.90%Heodo
2020-10-22H_25685989.docdoc 00be3474f86c64b8ed871822ccfe02e7bdcbb4b5132682ee36915e8553952648Virustotal results 48.33%Heodo
2020-10-22BAL_MW1021028811QP.docdoc 9fe7e239b00579f78275ddcdb282bf2b112dad4d3a0bbc7f183e800244486bb9Virustotal results 48.08%Heodo
2020-10-22DOC_PO_10222020EX.docdoc 4876b24f79e4db4a3df03efb480f32506ce94c7c60c1410d47b6722a66765552Virustotal results 45.00%Heodo
2020-10-22INV_91623480.docdoc 7a9d24e23c3cd1701c2de8826db43aa1dc7d2b73c6c4fd50f491276725a2ad4bVirustotal results 46.77%Heodo
2020-10-22REP_5663008624425074.docdoc d6a01afe9b81e65f663d1e158125f608fabf18a1b663d705398cf817f9a95c21Virustotal results 45.90%Heodo
2020-10-2248744721.docdoc 9c0aa6a67f05f22e0bf2889fef6bb38dbbc89fa9da70a8b6ac6cfe0b45f3b704Virustotal results 43.33%Heodo
2020-10-22BAL_PO_10222020EX.docdoc 2da1ed7b630f4a606c6c65a41dc9c852015d64174113023eff5a63c64f5eac0dVirustotal results 40.68%Heodo
2020-10-21FOHBF5XG8KC8K.docdoc 0ff220d90538db68f12796da43439ff4b8cfa6fe238bf19c8da81c8463f2c4ebVirustotal results 40.00%Heodo
2020-10-21PO_10212020EX.docdoc 890535144da2084ee8e9431e6521be9719100cc5bec7679a4d7bdce3763a692cVirustotal results 41.51%Heodo
2020-10-21BAL_8X4SYM7PI3L3SRC.docdoc 00121862d5519145af1bd9333cebd569ac5843527b581dedcb4505cbd9488c0cVirustotal results 39.62%Heodo
2020-10-2136844904.docdoc 45624f05bc4fd26e7a1d0263d25d177e1296ffbc6c459542f3e64709f517f1ddVirustotal results 40.74%Heodo
2020-10-21DOC_PO_10212020EX.docdoc 0a5d824ca0ad50ddefe5b2ec81f933ffdbcdbe615da5a32ae460f4ae70a85be5Virustotal results 42.31%Heodo
2020-10-21Y_EN2624064402XS.docdoc 8e3cc05fdd4cd3001e044f7a7bedd7908cffdeb65bc906bd214a483ac4dff96cn/aHeodo
2020-10-21INV_6334754114820209944957678.docdoc 7606c587c9a22687f99deb394aedd9be63d066c53c44d9cb78dc3a03319f670cVirustotal results 29.51%Heodo
2020-10-21FILE_27725550.docdoc 8ce534c1cab5a87f1d3b7962eca1fc801060b44f8e8869701afc0c011604d317n/aHeodo
2020-10-21DOC_ISK_100120_ZPK_102120.docdoc a25f6b18acb33e6fcd32f81d686d793d38c299f1b42e561612c3ea67679975d4n/aHeodo
2020-10-21DOC_HPE_100120_CKC_102120.docdoc 638d2c28c891f1eb997a450dbdc2f6f1a83b000d7b617d3000cf2b937275de99Virustotal results 21.67%Heodo
2020-10-21REP_56199877.docdoc e6f5d10a926ef5f57f49e7b9f0aaa1b4a094e51ed21175e2485db666725bc3den/aHeodo
2020-10-21R71UF9XWBRHO5B.docdoc fe647619aa21d737e9f948fb92a9286a5f03bac06ab881535069fe060bfd622cn/aHeodo
2020-10-21K_HYX_100120_WPT_102120.docdoc 726fe6b07eb73d6068f54ed6a6d61d76252af6ae080d1e41194e36dba8106a4fn/aHeodo
2020-10-21Q_PO_10212020EX.docdoc 52caf1a070aa97f41dee32688e691efd22f50efe87a8f77d4a36a28281c19136Virustotal results 32.08%Heodo
2020-10-21REP_UA1612580793GK.docdoc fc956fdcb712699a094490c10177653c5df72d2913d775aeb75d9c676f04e31bn/aHeodo
2020-10-21NXS_8DXVGMHIZ713M.docdoc ce72abdb386adab53d71d068388c21107144e7d9c1acfa2f898d0ce6d7b2acefn/aHeodo
2020-10-21INV_ZVX_100120_SEU_102120.docdoc 7fd4239f8f25bb0287746f554cbdffc534ced3346467f2a882722772a9d44d34n/aHeodo
2020-10-21REP_B882JERT2KGK.docdoc 9c9beac25f445712c09a5b1f4601068d13ec9a374405fdd9e37c07dd6d189201Virustotal results 28.33%Heodo
2020-10-21INV_14933154.docdoc 88c45b613e6367cbb58e012779f1cd95ff6a44efc175b2163185aa309e18573fn/aHeodo
2020-10-21INV_423395169.docdoc 07dbb0f511ef2ce6007a7b576be51073b953253a7e7182b361b06036e6a82f84Virustotal results 29.63%Heodo
2020-10-21FILE_PO_10212020EX.docdoc a2ff9d64e27e7cf089d0bfa4d9bae935db0cc9881bf6767dd311ccf653fe64b6n/aHeodo
2020-10-21DOC_NX1LFHARM990IA8.docdoc 442199396365c09418756cb80ff20ce46129c4a0cc2cfc6dabf5e8bb2cc42437n/aHeodo
2020-10-21BAL_IK3278195290XC.docdoc af36ad567085faaef5425d233641e227fdf842e426001e855103b942dde705efVirustotal results 46.55%Heodo
2020-10-2191GDGV26EL6KGQS.docdoc e6335af6ecbbb9d05de5332fb55088045d8066babe6f9fb4cb05e7097ce44046n/aHeodo
2020-10-21LAAUTH43BLLPX.docdoc 389ad5d9d72b446e4ea03160b107fdc48402bcc7c9f664d73851ebe4d4c7b660n/aHeodo
2020-10-21JLQ_HAO_100120_TKR_102120.docdoc c8b17ac2998849beb6bb8ea8fbb40c2457402574ec8c6768a54a0db63c8ecb8cn/aHeodo
2020-10-21FILE_VV8313310121WY.docdoc f6ca28aa0ec1ee28ce246d787de062e5b78554ec2cfc62fbf00db085c177b074Virustotal results 40.74%Heodo
2020-10-212668761663754595529.docdoc 1c69c8db95ce9e60d2cd1b61601b96a3a5bca68602f2da10fb5cbcfd2e354401Virustotal results 37.74%Heodo
2020-10-21REP_82823704.docdoc 85a0100950655dd48b3789ac075bbca0e9b4d1ba0e1a4fbc29ee363cc23da4f9n/aHeodo
2020-10-21DD4967480019ER.docdoc 192d1f4fdc36c10af1e2e207ca659c5b7549c01b189257a12f226c42a6c6b4cfn/aHeodo
2020-10-21PO_10212020EX.docdoc ff560f270317afc9d31e1eae55c277c99bdd45f9fbd3a2dc44e8929a25ff065cn/aHeodo
2020-10-21IQN39T0GK0TO.docdoc 56074bdd23c71846faa6ab17e8fc8485ce763ae329af8573a9e877dd6ec6513cVirustotal results 49.18%Heodo
2020-10-21PO_10212020EX.docdoc d0337f9e3f826764678ff11fd7e2b49a84db21bd33615cd0cc63e6654c502d9an/aHeodo
2020-10-21W6A8PZDU962Q.docdoc 25d12cabe3d39e681a0b8c9ac88206110f66071089e92667ee0fed7bc917e918Virustotal results 46.15%Heodo
2020-10-21PNZ_90687425849335078803.docdoc 8ea38c51f8926ffa9ee61be53fc7ee3e4f968f2c7683bbc3b9320d14a2443067Virustotal results 42.31%Heodo
2020-10-21INV_ATY_100120_ZCL_102120.docdoc d6053ab1f8a8801a71b22ecf5257f4cdfee7138eb99345ad33ff208e175aac0fVirustotal results 42.59%Heodo
2020-10-21WG_36862733.docdoc 1704417eb4662953f9c73cd7ef716872d3a364dd78aeb7418219a4960968a592n/aHeodo
2020-10-21R_PO_10212020EX.docdoc b0e434b1de80d97737347fcf4a28a60aad479593c4dde9c9611296cef08185e8n/aHeodo
2020-10-21F_PO_10212020EX.docdoc b5f8485da1270855c2866456988ce8010f5c32c69fb19f324859d685e719fa3eVirustotal results 40.00%Heodo
2020-10-21FILE_XJE_100120_ZTZ_102120.docdoc 7b59e4314d2b1bbefd045815d54be5bd19315bcd13e3de6816a36bfd0930e032Virustotal results 39.62%Heodo
2020-10-21PO_10212020EX.docdoc fb83f2eec33aadc1229efe5c44276c92fbf59ce6dfab221071a61ca25c694a82Virustotal results 39.62%Heodo
2020-10-21INV_267245987497047263844.docdoc 17ac0ed02b6127efefaa0cc936604bc12947c394e902bb8bf88e37b6f0829d9fn/aHeodo