DomainMediumSignal 17/100
followbright.net
First Seen
Mar 4, 2025
Last Seen
Apr 30, 2025
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
17%
Signal Score
17 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
3 reports17% confidence
3
Source reports
17%
Confidence score
Category tags
anna paulabotnetbotnet activitybotnet communicationc2c2 communicationc2 domainc2 domainsc2 infrastructurecommand and controldata exfiltrationdgadistributed attacksdomain-based iocdomain-based iocsfrom emailindicatorinfrastructure acquisitionreconnaissanceiocs: domainsmachine learning detectionmalicious softwaremalspam emailmalwaremalware communicationmalware distributionmalware family: nivdortmalware trafficmsi filenetworknivdortpotential-c2process injectionresearchedt1001t1001.001t1005t1016t1041t1055t1071t1071.001t1105t1486t1496t1499.002t1499.003t1565t1568t1568.002t1571t1573t1573.001t1587.001t1590.001w32.bayrobzip archive
Activity Timeline
Apr 30Apr 30
Threat Activity Heatmap
LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated
The domain **followbright.net** has emerged as a significant indicator of compromise (IOC) associated with botnet and command-and-control (C
Threat ScoreLow Risk
17
SIGNAL
Signal Score
17%
Confidence
3
Reports
First seenMar 4, 2025
Last seenApr 30, 2025
VirusTotal
Not checked
WHOIS
- description
- Command and Control domains for malware known as Nivdort. These domains are extracted from malware sandbox reports using a Machine Learning model trained on a corpus of good and bad domains.
- domain rank
- -1
- references
- 2021-09-21-Curriculo-IOCs.txt
- subdomains count
- 0
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 1 year ago
Appeared in 3 threat reports