Domain · Medium · Signal 76/100
gm-sup.com
First Seen: Oct 2, 2024
Last Seen: Apr 7, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 76%
Signal Score: 76 / 100
IDS Rule: No
Threat Context
Feed Intelligence Summary
Source reports: 10
Confidence score: 76%
Category tags
active scanactive scanningaptasiabelleza equiposbotnetbotnet activitybrute forcecertciudadcivil servicescommand and controlcommunication protocolcredential accesscredential harvestingcredential stuffingcredential theftdata encryptiondata exfiltrationdata store exposuredatabase securityddosdenial of servicedistributed attacksencryptionexploitation activityfinftpftp brute forcegovernment technologyhttp brute forcehttp scanneridentity & access exploitationindicatorinfrastructure acquisitionreconnaissanceinitial accessinjection activityinjection attacksintrusion detectioniranirgclateral movementleer msmalicious softwaremalwaremanualmediamobile threatnetworknetwork attacksnetwork intrusionnetwork probingnetwork protocolnetwork scanningnetwork securityngophishingphishing attackpolticaprocess injectionpublic administrationpublic infrastructurepublic policyreconnaissanceregulatory agenciesremote accessremote servicesresearchedsalascannersocial engineeringssh attacksynt1021t1021.001t1021.002t1040t1055t1059t1059.003t1059.004t1059.005t1071.001t1076t1077t1110t1110.001t1110.002t1110.003t1189t1190t1210t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1587.001t1589t1589.002t1590t1590.001t1590.002t1590.003t1590.004t1592t1592.001t1592.002t1592.003t1595t1595.001t1595.002t1595.003tcp protocolthreat actorthreat intelligencetor nodeturkeytwo-factor authenticationunauthorized access attemptutensiliosvaporalvistaweb loginweb trafficwishlist vistaxmas
Activity Timeline
Threat Activity Heatmap · Peak: 2026-04-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: 76 (High Risk)
VirusTotal
Not checked
WHOIS
- registrar: MarkMonitor Inc.
- description: This is a pulse created to house CND internal IOCs that we want to monitor, please add title to explain what the IOC and a further description of if this is needed.
- domain rank: -1
- raw:
  Admin City: Redmond
  Admin Country: US
  Admin Email: [email protected]
  Admin Organization: Microsoft Corporation
  Admin Postal Code: 98052
  Admin State/Province: WA
  Creation Date: 2019-07-06T03:49:52-0700
  Creation Date: 2019-07-06T10:49:52Z
  DNSSEC: signedDelegation
  Domain Name: GM-SUP.COM
  Domain Name: gm-sup.com
  Domain Status: clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)
  Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
  Domain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)
  Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  Domain Status: clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)
  Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  Name Server: NS151A.MICROSOFTINTERNETSAFETY.NET
  Name Server: NS151B.MICROSOFTINTERNETSAFETY.NET
  Name Server: ns151a.microsoftinternetsafety.net
  Name Server: ns151b.microsoftinternetsafety.net
  Registrant City: b6b1ba5f05367788
  Registrant Country: US
  Registrant Email: [email protected]
  Registrant Fax Ext: 3432650ec337c945
  Registrant Fax: 7d1f3c3fb96a62b3
  Registrant Name: b94871993eab339b
  Registrant Organization: 628983377a05fb4c
  Registrant Phone Ext: 3432650ec337c945
  Registrant Phone: 8f198ff1733e2d60
  Registrant Postal Code: 2908382a58eb4969
  Registrant State/Province: 163b5dbd6196f461
  Registrant Street: 86c54a730ec120b0
  Registrar Abuse Contact Email: [email protected]
  Registrar Abuse Contact Phone: +1.2083895740
  Registrar Abuse Contact Phone: +1.2083895770
  Registrar IANA ID: 292
  Registrar Registration Expiration Date: 2021-07-06T03:49:52-0700
  Registrar URL: http://www.markmonitor.com
  Registrar WHOIS Server: whois.markmonitor.com
  Registrar: MarkMonitor Inc.
  Registrar: MarkMonitor, Inc.
  Registry Domain ID: 2409944596_DOMAIN_COM-VRSN
  Registry Expiry Date: 2021-07-06T10:49:52Z
  Tech City: Redmond
  Tech Country: US
  Tech Email: [email protected]
  Tech Organization: Microsoft Corporation
  Tech Postal Code: 98052
  Tech State/Province: WA
  Updated Date: 2020-03-19T07:31:00-0700
  Updated Date: 2020-03-19T14:31:01Z
- references: https://www.ic3.gov/Media/News/2024/240927.pdf
- subdomains count: 3