DomainMediumSignal 64/100
cherryartist.com
Location
United StatesFirst Seen
Feb 23, 2026
Last Seen
Jun 7, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
64%
Signal Score
64 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
9 reports64% confidence
9
Source reports
64%
Confidence score
Category tags
abusech-threatfox-c2cactive scanactive scanninganalytics.dugganusa.com/api/v1/stix/masterautomated analysisautomated attackautomated detectionautomated scanautomated threatautomated threat detectionautomated_attackbad reputationblock-or-filter-listbot_activitybot_communicationbotnetbotnet activitybotnet_c2brute forcebrute force attackbrute force attemptbrute_forcec2c2 activityc2 communicationc2_activityc2_communicationcnc_servercnc_trafficcommand & controlcommand and controlcommand_and_controlcommunication protocolcompromised hostcompromised host investigationcompromised systemscredential accesscredential stuffingdata encryptiondata exfiltrationdata store exposureddosdenial of servicedistributed attacksdnsdns attackencryptionexploitation activityftpftp brute forceftp_brute_forceftp_bruteforcegithub.com/pduggusa/dugganusa-researchhttp probinghttp scannerhttp_scanninghttpsidentity & access exploitationindicatorindicatorsinfected systeminfostealerinfrastructure acquisitionreconnaissanceinjection activityiociot securityircknown malicious iplateral movementmacsyncmalicious linksmalicious network activitymalicious softwaremalwaremalware activitymalware communicationmalware detectionmalware distributionnetworknetwork activitynetwork attacksnetwork communicationnetwork intrusionnetwork intrusion attemptnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork_reconnaissancenetwork_trafficnorth americanovel iocnovel threat indicatornovel-iocnovel_iocpassword attacksphishingpossible botnet activitypossible initial accesspossible malware activitypossible_malwarepotential compromisepotential data exfiltrationpotential malwarepotential_malwareprecogprecog sweepprocess injectionprotocol exploitationprotocol: tcpprotocol: udprecon activityreconnaissanceremote accessremote servicesresearchedssh attackssh_brute_forcessh_bruteforcestealert1005t1016t1018t1021t1021.001t1021.002t1040t1041t1046t1047t1055t1059t1068t1071t1071.001t1076t1077t1078t1083t1087t1105t1110t1110.001t1110.002t1110.003t1110.004t1190t1204.001t1486t1496t1499.002t1499.003t1563t1565t1566.003t1573t1573.001t1587.001t1590.001t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat actortor nodeunauthorized access attemptunited statesunknown stealerweb securityweb traffic
Activity Timeline
Jun 7Jun 7
Threat Activity Heatmap
· Peak: 2026-06-07LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated
The domain cherryartist.com has emerged as a significant indicator of compromise (IOC) associated with multiple cyber threats originating from the United States. First observed on February
Threat ScoreMedium Risk
64
SIGNAL
Signal Score
64%
Confidence
9
Reports
First seenFeb 23, 2026
Last seenJun 7, 2026
VirusTotal
Not checked
WHOIS
- description
- Novel IOC detected by PreCog Sweep. First seen: 2026-02-23 07:37:42 UTC
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 3 months ago · Last seen 4 days ago
Appeared in 9 threat reports