Domain · Medium · Signal 17/100
giga-dns.com
Location
First Seen: Jul 18, 2025
Last Seen: May 5, 2026
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 17%
Signal Score: 17 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
4 reports · 17% confidence
Source reports: 4
Confidence score: 17%
Category tags
Activity Timeline: May 5
Threat Activity Heatmap · Peak: 2026-05-05
Activity by window:
- 24h: 0 (Dormant)
- 7d: 0 (Dormant)
- 30d: 0 (Dormant)
- 3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
The domain **giga-dns.com** has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats originating from Poland. First observed on July
Threat Score: Low Risk
Signal Score: 17
Confidence: 17%
Reports: 4
First seen: Jul 18, 2025
Last seen: May 5, 2026
VirusTotal: Not checked
WHOIS
- registrar: RegistryGate GmbH
- domain rank: -1
- raw:
  Admin City: REDACTED FOR PRIVACY
  Admin Country: REDACTED FOR PRIVACY
  Admin Email: [email protected]
  Admin Organization: REDACTED FOR PRIVACY
  Admin Postal Code: REDACTED FOR PRIVACY
  Admin State/Province: REDACTED FOR PRIVACY
  Billing City: REDACTED FOR PRIVACY
  Billing Country: REDACTED FOR PRIVACY
  Billing Email: [email protected]
  Billing Organization: REDACTED FOR PRIVACY
  Billing Postal Code: REDACTED FOR PRIVACY
  Billing State/Province: REDACTED FOR PRIVACY
  Creation Date: 2003-05-01T13:48:50Z
  DNSSEC: unsigned
  Domain Name: GIGA-DNS.COM
  Domain Name: giga-dns.com
  Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  Name Server: NS1.CONTABO.NET
  Name Server: NS2.CONTABO.NET
  Name Server: NS3.CONTABO.NET
  Name Server: ns1.contabo.net
  Name Server: ns2.contabo.net
  Name Server: ns3.contabo.net
  Registrant City: 1f8f4166599d23ee
  Registrant Country: DE
  Registrant Email: [email protected]
  Registrant Fax Ext: 1f8f4166599d23ee
  Registrant Fax: 1f8f4166599d23ee
  Registrant Name: 1f8f4166599d23ee
  Registrant Organization: 1f8f4166599d23ee
  Registrant Phone Ext: 1f8f4166599d23ee
  Registrant Phone: 1f8f4166599d23ee
  Registrant Postal Code: 1f8f4166599d23ee
  Registrant State/Province: 3432650ec337c945
  Registrant Street: 1f8f4166599d23ee
  Registrar Abuse Contact Email: [email protected]
  Registrar Abuse Contact Phone: +49.1805734437
  Registrar IANA ID: 1328
  Registrar Registration Expiration Date: 2026-05-01T13:48:50Z
  Registrar URL: http://www.registrygate.com
  Registrar URL: www.registrygate.com
  Registrar WHOIS Server: whois.registrygate.com
  Registrar: RegistryGate GmbH
  Registry Admin ID: REDACTED FOR PRIVACY
  Registry Billing ID: REDACTED FOR PRIVACY
  Registry Domain ID: 97410004_DOMAIN_COM-VRSN
  Registry Expiry Date: 2026-05-01T13:48:50Z
  Registry Registrant ID: REDACTED FOR PRIVACY
  Registry Tech ID: REDACTED FOR PRIVACY
  Tech City: REDACTED FOR PRIVACY
  Tech Country: REDACTED FOR PRIVACY
  Tech Email: [email protected]
  Tech Organization: REDACTED FOR PRIVACY
  Tech Postal Code: REDACTED FOR PRIVACY
  Tech State/Province: REDACTED FOR PRIVACY
  Updated Date: 2025-05-02T07:16:36Z
- subdomains count: 101
IOC Journey
medium · First detected 11 months ago · Last seen 1 month ago
Appeared in 4 threat reports