IOC Radar
Domain · Medium · Signal 37/100

crescentegramas.com.br

Location: Brazil
First Seen: Aug 14, 2025 (303d ago)
Last Seen: Jun 5, 2026 (8d ago)
Reports: 13 source reports
Confidence: 37% (medium)
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 37%
Signal Score: 37 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

15 techniques

Feed Intelligence Summary

13 source reports · 37% confidence score
Category tags
arm, asyncrat, botnet, botnet activity, brazil, brute force, command and control, credential harvesting, credential stuffing, data exfiltration, data store exposure, distributed attacks, dropped-by-amadey, dropped-by-phorpiex, elf, exe, executable file, exploitation activity, fuery, hajime, identity & access exploitation, indicator, infostealer, injection activity, lummastealer, m68k, malicious software, malware, malware delivery, malware_distribution, mips, mirai, mozi, network, opendir, phishing, phishing attack, phishing campaign, phishing campaign detection, phishing domain, powerpc, process injection, purerat, rat, remcosrat, researched, scams & fraud, sh, social engineering, south america, sparc, superh, t1055, t1071.001, t1189, t1204.001, t1486, t1496, t1499.002, t1499.003, t1565, t1566, t1566.001, t1566.002, t1566.003, t1598, t1598.003, targeting database, ua-wget, website phishing, x86

Activity Timeline

1 total obs · Jun 5

Threat Activity Heatmap

Peak: 2026-06-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

The domain crescentegramas.com.br has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats originating from Brazil. First observed on August

Threat Score: Low Risk
Signal Score: 37

VirusTotal

Not checked

WHOIS

description: LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber
domain rank: -1
raw:
  changed: 20180409
  changed: 20230626
  changed: 20250425
  country: BR
  created: 20140509
  created: 20140509 #12873052
  created: 20170413
  domain: crescentegramas.com.br
  e-mail: [email protected]
  e-mail: [email protected]
  expires: 20260509
  nic-hdl-br: GUSBE16
  nic-hdl-br: MIOBR12
  nserver: ns1.fw1host.com.br
  nserver: ns2.fw1host.com.br
  nserver: ns3.fw1host.com.br
  status: published
references: https://ltna.com.au/cyber, https://urlhaus.abuse.ch/browse/, https://malware-filter.gitlab.io/malware-filter/phishing-filter-domains.txt
subdomains count: 10

IOC Journey

medium
First detected 10 months ago · Last seen 8 days ago
Appeared in 13 threat reports