URLhaus Database

You are currently viewing the URLhaus database entry for https://buildersoncall.com/miu/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2629014
URL: https://buildersoncall.com/miu/
URL Status:Offline
Host: buildersoncall.com
Date added:2023-05-10 17:11:11 UTC
Last online:2023-05-13 05:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2023-05-10 17:12:39 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 12 hours, 5 minutes Poor (down since 2023-05-13 05:18:38 UTC)
Tags:BB27 geofenced js Qakbot link qbot link Quakbot link TR USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-12Npkbw.jsjs c8566b3dbfc62da1a00456c6eba73aa2bf1156c0f490144542197695981796c2n/a Quakbot
2023-05-12Oamgf.jsjs 3b6f9c857b098185572417b77f56fc66d9fdea89c1261720a46b11e532192d32n/a Quakbot
2023-05-11Ptxf.jsjs d94c93bc30811d7d4b36216feb904456dc5134ae12a58f2bd3989a5166fa1ad9n/a Quakbot
2023-05-11Yjvixw.jsjs 40a8c46ba12bdf34287425d87470b91bc4aa7d50718833d98d22e9d7316e0a1en/a 
2023-05-10Gtdosmn.jsjs 23c3680dc9c3679b721570d55a49b887b476d0e78770caf7382e8816b6b027d3n/a Quakbot
2023-05-10Rfkssgw.jsjs 291b4b83c5ca2bbfc61c5429c848e78b24d890f4bcba17680cc2f8b95c12ec15n/a Quakbot