Domain · Medium · Signal 17/100
cmp.lt
First Seen: Mar 4, 2025
Last Seen: Apr 24, 2025
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 17%
Signal Score: 17 / 100
IDS Rule: No
Threat Context
Feed Intelligence Summary
Source reports: 3
Confidence score: 17%
Category tags
akamai, asn1, baby, best, best buy, bios, bios infection, bios malware, bluetooth attack, bluetooth propagation, botnet, buy, command and control, cryptocurrency threats, cryptojacking, cryptominer, cryptomining, cuba, data exfiltration, digital stalking, distributed attacks, education, euif, europe, finance, geek, geoip, ghost, google, indicator, indonesia, keylogger, lateral movement, level3, lithuania, malicious software, malware, mark monitor, mexico, mininetwork, network spread, network worm, no help, persistence mechanism, pre-boot execution, preboot execution, preboot infection, process injection, proton, public url, ransomware, remote services, researched, resource hijacking, rootkit, seznam, squad, sucky, supply chain attack, survives reformat, t1021, t1021.004, t1053, t1053.005, t1055, t1059.001, t1068, t1071, t1071.001, t1078, t1078.001, t1113, t1115, t1189, t1190, t1202, t1486, t1496, t1499.002, t1499.003, t1542, t1542.001, t1542.003, t1543, t1547, t1547.001, t1555, t1555.003, t1562, t1565, t1566, t1566.001, t1574.001, telecom, telecommunications, twitter, uefi, uefi malware, ukraine, virus, whiny, win32 malware, windows malware
Activity Timeline: Apr 24
Threat Activity Heatmap
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: Low Risk
Signal Score: 17
Confidence: 17%
Reports: 3
First seen: Mar 4, 2025
Last seen: Apr 24, 2025
VirusTotal
Not checked
WHOIS
- description
- Files from a Virus that has plagued my life for the past 7 months. Preboots Bios and spreads via bluetooth. Infected Best Buy's network, which they deny, causing me to call it The Best Buy Virus. Previously I referred to it everywhere as WhinySuckyBaby because of how childish the individual on the other side is.
- domain rank
- -1
- raw
- Create date: 2024-10-21 00:00:00 Domain name: cmp.lt Domain registrar url: https://www.netim.com/domain/ Expiry date: 2025-10-22 00:00:00 Name server 1: ns5.hosting.reg.ru Name server 2: ns6.hosting.reg.ru Query time: 2024-10-23 18:23:35
- references
- https://www.tiktok.com/@jeffersonultra/video/7404142059327687942?is_from_webapp=1&sender_device=pc&web_id=7408601050825868806, https://www.tiktok.com/@jeffersonultra/video/7401970649561894150, Https://BiosVir.us, Https://BluetoothVirus.com, https://www.virustotal.com/gui/collection/f3bb0fe192a7a669edd061, https://www.virustotal.com/graph/embed/g1313cfcd67d34e9c8d8438d6, https://metadefender.com/results/file/bzI1MDMwMVFWaXRDS0hpWElYcnV0QllCYlB1, https://mwdb.cert.pl/file/efb45096e24a61b488eb809bd8edf874d15bb498dd75ced8b888b020c87e5c6c, https://n0paste.eu/UH6n5pD/
- subdomains count
- 1
IOC Journey
medium · First detected 1 year ago · Last seen 1 year ago
Appeared in 3 threat reports