IOC Radar
Domain · High · Verified · Signal 64/100

com-angker98.com

Location: Germany
First Seen: Apr 25, 2021 (1884d ago)
Last Seen: Feb 2, 2026 (140d ago)
Reports: 5 source reports
Confidence: 64% (high)
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 64%
Signal Score: 64 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

63 techniques

Feed Intelligence Summary

Source reports: 5
Confidence score: 64%
Category tags

Activity Timeline

1 total obs
Feb 2

Threat Activity Heatmap

Peak: 2026-02-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: Medium Risk
Signal Score: 64
Confidence: 64%
Reports: 5
First seen: Apr 25, 2021
Last seen: Feb 2, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

registrar: Google Inc.
domain rank: -1
raw:
Domain Name: COM-ANGKER98.COM
Registry Domain ID: 2297626336_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.google.com
Registrar URL: http://domains.google.com
Updated Date: 2018-09-26T09:19:06Z
Creation Date: 2018-08-14T19:02:28Z
Registry Expiry Date: 2019-08-14T19:02:28Z
Registrar: Google Inc.
Registrar IANA ID: 895
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.8772376466
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientHold https://icann.org/epp#clientHold
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: NS-CLOUD-E1.GOOGLEDOMAINS.COM
Name Server: NS-CLOUD-E2.GOOGLEDOMAINS.COM
Name Server: NS-CLOUD-E3.GOOGLEDOMAINS.COM
Name Server: NS-CLOUD-E4.GOOGLEDOMAINS.COM
DNSSEC: unsigned
subdomains count: 3

IOC Journey

high
First detected 5 years ago · Last seen 4 months ago
Appeared in 5 threat reports