IOC Radar
Domain · Medium · Signal 75/100

check.mojtf.icu

Location
Paraguay
First Seen
Feb 16, 2025 (492d ago)
Last Seen
Apr 12, 2026 (72d ago)
Reports
10 source reports
Confidence
75% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
75%
Signal Score
75 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

27 techniques

Feed Intelligence Summary

10 reports · 75% confidence
Category tags
abuse · active scan · ahmyth · apk · arm · asyncrat · attack · backdoor · bad reputation · bitbucket · botnet · botnet activity · botnetdomain · c2 · censys · cobaltstrike · coinminer · command & control · command and control · cryptocurrency · cta · data encryption · data exfiltration · data store expose · ddos · ddos attacks · distributed attacks · dll · dropped-by-amadey · elf · encryption · exe · executable file · exploitation activity · extortion · gafgyt · hajime · havoc · hijackloader · indicator · infostealer · injection activity · internet of things · iot botnet · iot security · iot/ics attack · java-bytecode · kaiji · l3mon · loader · lummastealer · macho · malicious activity · malicious software · malware · meduzastealer · meterpreter · mips · mirai botnet · mobile threat · mozi · multirat · network · opendir · paraguay · pdf · pink · process injection · ps1 · qbot · ransomware · rat · redlinestealer · remote access · researched · saint helena, ascension and tristan da cunha · scams & fraud · shellcode · sliver · smoke loader · sshdkit · stealc · system disruption · systembc · t1005 · t1027 · t1055 · t1059 · t1071 · t1071.001 · t1078 · t1105 · t1133 · t1189 · t1190 · t1204 · t1204.002 · t1486 · t1490 · t1496 · t1499.002 · t1499.003 · t1547 · t1565 · t1566 · t1566.001 · t1583 · t1584 · t1588 · t1588.002 · t1608 · threat actor · tor node · ua-wget · vidar · wsgidav · xmrig · xorbot · zip

Activity Timeline

1 total obs (Apr 12)

Threat Activity Heatmap

Peak: 2026-04-12
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain **check.mojtf.icu** has been identified as a critical indicator of compromise (IOC) associated with multiple cyber threats, including botnet activity, command and control (C

Threat Score
High Risk (Signal Score 75)

VirusTotal

Not checked

WHOIS

Create date: 2025-02-15 00:00:00
Domain name: mojtf.icu
Domain registrar id: 303
Domain registrar url: https://publicdomainregistry.com
Expiry date: 2026-02-15 00:00:00
Name server 1: elmo.ns.cloudflare.com
Name server 2: aleena.ns.cloudflare.com
Query time: 2025-02-16 11:51:42
Registrant company: 7bc26f5a5e70d417
Registrant country: United Kingdom
Registrant email: 29e2c061f3c9524es@
Registrant state: d52286edfb6c6247
Update date: 2025-02-15 00:00:00

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 10 threat reports