DomainMediumSignal 0/100
j.6sc.co
Location
MexicoFirst Seen
Mar 3, 2025
Last Seen
May 30, 2026
Found in 1 report. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags
Feed Intelligence Summary
1 report0% confidence
1
Source reports
0%
Confidence score
Category tags
indicatornetworkresearched
Activity Timeline
May 30May 30
Threat Activity Heatmap
· Peak: 2026-05-30LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
1
Reports
First seenMar 3, 2025
Last seenMay 30, 2026
VirusTotal
Not checked
WHOIS
- description
- "Living off the Land" Takeover (LogMeIn.com)“ INCIDENT REPORT: HIGH-VALUE TARGET NETWORK INTRUSION Threat Profile: Human-operated corporate-grade attack chain targeting an isolated device.Vector: Local network exposure (compromised router/neighboring device) or physical media (USB).Attack Chain Stages:Quant Script: Obfuscated entry file bypassing network filters.SystemBC RAT: Creates a silent, persistent SOCKS5/Tor tunnel for attacker commands.LogMeIn Abuse: Attackers use legitimate remote software to control the device undetected.Crowti (CryptoWall): Final ransomware payload to encrypt high-value data.Key Observations: Because the target device lacked direct internet access, adversaries are actively abusing the local network infrastructure or physical proximity to bridge the gap. I’m open to other opinions regarding this report. I have been unwell and my thinking has been unclear and even off as I focus on getting well. Thank you.
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 22 days ago
Appeared in 1 threat report