IOC Radar
Domain · Medium · Signal 50/100

88tech.me

Location
Denmark
First Seen
Mar 6, 2023 (1205d ago)
Last Seen
Mar 22, 2026 (93d ago)
Reports
3 source reports
Confidence
50% (medium)
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
50%
Signal Score
50 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

59 techniques

Feed Intelligence Summary

3 source reports · 50% confidence score
Category tags

Activity Timeline

1 total obs
Mar 22

Threat Activity Heatmap

Peak: 2026-03-22
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: 50 (Medium Risk)

VirusTotal

Not checked


IOC Journey

medium
First detected 3 years ago · Last seen 3 months ago
Appeared in 3 threat reports