IOC Radar
DomainMediumSignal 51/100

beinfo.net

Location
NetherlandsNetherlands
First Seen
Jan 19, 2025
Last Seen
Feb 19, 2026
Jan 19
First Seen
519d ago
Feb 19
Last Seen
123d ago
3
Reports
source reports
51%
Confidence
medium
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

31 techniques

Feed Intelligence Summary

3 reports51% confidence
3
Source reports
51%
Confidence score
Category tags
botnetbrute forcebrute force attackcommand and controlcredential accesscredential harvestingcredential stuffingdata exfiltrationdistributed attacksftp brute forcehttp brute forceindicatorinfrastructure acquisitionreconnaissancemalicious softwaremalwaremanualnetherlandsnetworknetwork reconnaissancenetwork scanpassword attackpassword attacksphishing attackpotential intrusion attemptprocess injectionremote accessremote servicesresearchedsocial engineeringssh attackt1021t1021.001t1021.002t1046t1055t1059t1059.001t1059.004t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1587.001t1589t1589.002t1590.001t1595tcp scanudp scan

Activity Timeline

1 total obs
Feb 19Feb 19

Threat Activity Heatmap

· Peak: 2026-02-19
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **beinfo.net**, originating from the Netherlands, has been identified as a significant indicator of compromise (IOC) associated with botnet and malware activities. First observed on January

Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
3
Reports
First seenJan 19, 2025
Last seenFeb 19, 2026

VirusTotal

Not checked

WHOIS

registrar
Hongkong Kouming International Limited
creation date
2025-06-21T08:42:11
expiration date
2026-06-21T08:42:11
updated date
2025-06-22T09:52:33
name servers
REESE.NS.CLOUDFLARE.COM, SURINA.NS.CLOUDFLARE.COM
country
CN
emails
[email protected]
status
clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited), clientTransferProhibited https://icann.org/epp#clientTransferProhibited

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 3 threat reports