DomainHighVerifiedSignal 86/100

`deeplsetupwin.zip`

First Seen

Jun 8, 2026

Last Seen

Jun 13, 2026

Jun 8

First Seen

4d ago

Jun 13

Last Seen

today

133

Reports

source reports

95%

Confidence

high

Found in 133 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

95%

Signal Score

86 / 100

IDS Rule

Yes

Threat Context

Threat Actors3

AAPT10 KKimsuky TTurla

Malware Families14

SStealc XXMRig FFormBook AAgentTesla QQuasarRAT NNanocore MMozi MMirai VVidar FFscan SSliver CCobalt Strike XXWorm AAsyncRAT

Feed Intelligence Summary

133 reports95% confidence

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4964 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4964 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4962 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4961 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4961 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4961 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4961 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4963 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4963 IOCs in report

Abuse.ch URLhaus

Abuse.ch URLhaus (5000 entries)

4964 IOCs in report

Activity Timeline

133 total obs

Jun 13Jun 8

Threat Activity Heatmap

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Elevated

133

Critical

30d

133

Critical

3mo

133

Critical

Threat ScoreHigh Risk

SIGNAL

Signal Score

95%

Confidence

133

Reports

First seenJun 8, 2026

Last seenJun 13, 2026

Verified IOC

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

high

First detected 4 days ago · Last seen today

Appeared in 133 threat reports from 10 sources

Associated with: APT10, Kimsuky, Turla

Used by malware: Stealc, XMRig, FormBook, AgentTesla, QuasarRAT, Nanocore, Mozi, Mirai, Vidar, Fscan, Sliver, Cobalt Strike, XWorm, AsyncRAT

deeplsetupwin.zip

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

Related Reports

VirusTotal

Export & API

IOC Journey

`deeplsetupwin.zip`