IOC Radar
DomainHighVerifiedSignal 39/100

amelicen.com

Location
Hong KongHong Kong
First Seen
Jan 11, 2025
Last Seen
Feb 19, 2026
Jan 11
First Seen
526d ago
Feb 19
Last Seen
122d ago
6
Reports
source reports
39%
Confidence
high
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
39%
Signal Score
39 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

46 techniques

Feed Intelligence Summary

6 reports39% confidence
6
Source reports
39%
Confidence score
Category tags
aptapt campaignapt group: famoussparrowbackdoorbackdoor deploymentbankingbotnetc2 communicationcivil servicescommand and controlcredential accesscredit card servicescyber espionagedata exfiltrationdistributed attacksdynamic configurationearth estriesexchange exploitationfamoussparrowfamoussparrow aptfinancefinancial sector attackfinancial servicesfinancial technologygovernment technologyhong kongindicatorlateral movementmalicious softwaremalwaremalware analysismalware variantsmalware: famoussparrow backdoormalware: hemigatemalware: shadowpadmalware: sparrowdoormanualmodular malwaremodule loadingnetworknetwork intrusionpayment processingpersistence mechanismsprocess injectionpublic administrationpublic infrastructurepublic policyreflective code loadingregulatory agenciesremote accessresearch institution attackresearchedsupply chain attackt1005t1027t1027.002t1047t1053.005t1055t1055.001t1059.001t1059.003t1059.005t1068t1071t1071.001t1078t1078.002t1095t1105t1106t1133t1190t1195.002t1204t1204.002t1210t1486t1496t1499.002t1499.003t1505.003t1543.003t1547t1547.001t1555t1555.003t1565t1573.001t1574.002t1583.004t1584t1587.001t1588t1588.001t1588.002t1588.005t1608.001t1608.002targeted attackthreat actor: famoussparrowundocumented malwareundocumented malware versionswealth managementweb shellwebshell deploymentwindows exploitation

Activity Timeline

1 total obs
Feb 19Feb 19

Threat Activity Heatmap

· Peak: 2026-02-19
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **amelicen.com**, originating from Hong Kong, has been identified as a critical indicator of compromise (IOC) associated with advanced persistent threat (APT) activities. First observed on January

Threat ScoreLow Risk
39
SIGNAL
Signal Score
39%
Confidence
6
Reports
First seenJan 11, 2025
Last seenFeb 19, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description
The FamousSparrow cyber-espionage group was active between 2022 and 2024, according to ESET Research, but was still active during this period and deployed two previously undocumented versions of its signature backdoor.

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 year ago · Last seen 4 months ago
Appeared in 6 threat reports