DomainHighVerifiedSignal 86/100

`payload.sh`

First Seen

Jun 2, 2026

Last Seen

Jun 22, 2026

Jun 2

First Seen

19d ago

Jun 22

Last Seen

today

281

Reports

source reports

95%

Confidence

high

Found in 281 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

95%

Signal Score

86 / 100

IDS Rule

Yes

Threat Context

Threat Actors3

AAPT10 KKimsuky TTurla

Malware Families19

XXMRig RRemcos LLumma NNanocore AAsyncRAT QQuasarRAT FFormBook AAgentTesla MMozi XXWorm GGh0st RAT MMirai SStealc CCobalt Strike VVidar MMetasploit HHavoc SSliver FFscan

Feed Intelligence Summary

281 reports95% confidence

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5055 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5048 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5048 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5048 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5049 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5048 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5046 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5055 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5055 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

5046 IOCs in report

Activity Timeline

281 total obs

Jun 22Jun 2

Threat Activity Heatmap

· Peak: 2026-06-04

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Elevated

150

Critical

30d

281

Critical

3mo

281

Critical

Threat ScoreHigh Risk

SIGNAL

Signal Score

95%

Confidence

281

Reports

First seenJun 2, 2026

Last seenJun 22, 2026

Verified IOC

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

high

First detected 19 days ago · Last seen today

Appeared in 281 threat reports from 10 sources

Associated with: APT10, Kimsuky, Turla

Used by malware: XMRig, Remcos, Lumma, Nanocore, AsyncRAT, QuasarRAT, FormBook, AgentTesla, Mozi, XWorm, Gh0st RAT, Mirai, Stealc, Cobalt Strike, Vidar, Metasploit, Havoc, Sliver, Fscan

payload.sh

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

Related Reports

VirusTotal

Export & API

IOC Journey

`payload.sh`