DomainMediumSignal 42/100
global.sharedfilescorps.com
Location
Iran, Islamic Republic ofFirst Seen
Apr 17, 2026
Last Seen
Apr 23, 2026
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
42%
Signal Score
42 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
3 reports42% confidence
3
Source reports
42%
Confidence score
Category tags
active scanasiacofensedefense centerfigureharsh patelindicatoripv4iranmiddle eastnetworkphishmeqr coderesearchedt1036t1056t1566united
Activity Timeline
Apr 23Apr 23
Threat Activity Heatmap
· Peak: 2026-04-23LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
42
SIGNAL
Signal Score
42%
Confidence
3
Reports
First seenApr 17, 2026
Last seenApr 23, 2026
VirusTotal
Not checked
WHOIS
- description
- A recent phishing campaign has been identified that exploits the ongoing geopolitical tension involving Iran, leveraging fear to manipulate individuals into divulging sensitive information. The Cofense Phishing Defense Center detected an email masquerading as an emergency alert from government entities like the Ministry of Interior and Civil Defense. This phishing message, labeled as a SEVERE / ACTIVE public safety advisory, instigates panic by warning recipients of imminent threats related to missile attacks, and urges immediate action.
- raw
- Create date: 2026-03-29 00:00:00 Domain name: sharedfilescorps.com Domain registrar id: 609.0 Domain registrar url: http://sav.com Expiry date: 2027-03-29 00:00:00 Name server 1: yadiel.ns.cloudflare.com Name server 2: beth.ns.cloudflare.com Query time: 2026-03-30 13:12:23 Update date: 2026-03-29 00:00:00
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 month ago · Last seen 1 month ago
Appeared in 3 threat reports