IOC Radar
Domain · Medium · Signal 85/100

lestagames.world

Location
United States
First Seen
Feb 19, 2025
Last Seen
Jun 14, 2026
Reports: 13 source reports
Confidence: 85% (medium)
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
85%
Signal Score
85 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

26 techniques

Feed Intelligence Summary

Source reports: 13
Confidence score: 85%
Category tags
active scan, apt, attack, botnet, botnet activity, brute force, c2, command & control, command and control, credential harvesting, credential stealing, credential stuffing, data exfiltration, data store exposure, data theft, distributed attacks, exploitation activity, identity & access exploitation, indicator, infostealer, infrastructure acquisitionreconnaissance, injection activity, ioc, lumma, lumma stealer, malicious activity, malicious software, malware, malware distribution, manual, network, north america, operating system, phishing, phishing attack, process injection, remote services, researched, social engineering, t1005, t1016, t1021, t1021.001, t1036, t1041, t1055, t1059, t1069.001, t1071, t1071.001, t1078, t1105, t1486, t1496, t1499.002, t1499.003, t1565, t1566, t1566.001, t1566.002, t1566.003, t1571, t1573, t1587.001, t1590.001, threat actor, tor node, united states, win32 malware, windows malware

Activity Timeline

1 total obs
Jun 14

Threat Activity Heatmap

Peak: 2026-06-14

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain **lestagames.world** has emerged as a significant indicator of compromise (IOC) associated with multiple cyber threats originating from the United States. First observed on February

Threat Score: High Risk
Signal Score: 85
Confidence: 85%
Reports: 13
First seen: Feb 19, 2025
Last seen: Jun 14, 2026

VirusTotal

Not checked

WHOIS

registrar
PDR Ltd. d/b/a PublicDomainRegistry.com
description
Command and Control domains for Win32.Lumma. These domains are extracted from a number of sources, and are suspicious.
domain rank
-1
raw
Admin City: GDPR Masked
Admin City: REDACTED
Admin Country: GDPR Masked
Admin Country: REDACTED
Admin Email: [email protected]
Admin Organization: GDPR Masked
Admin Organization: REDACTED
Admin Postal Code: GDPR Masked
Admin Postal Code: REDACTED
Admin State/Province: GDPR Masked
Admin State/Province: REDACTED
Creation Date: 2024-03-29T13:09:56Z
DNSSEC: Unsigned
DNSSEC: unsigned
Domain Name: LESTAGAMES.WORLD
Domain Name: lestagames.world
Domain Status: autoRenewPeriod https://icann.org/epp#autoRenewPeriod
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientHold https://icann.org/epp#clientHold
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: dns10.parkpage.foundationapi.com
Name Server: dns9.parkpage.foundationapi.com
Registrant City: 3495bcf1839c6374
Registrant City: 7bc26f5a5e70d417
Registrant Country: SE
Registrant Email: [email protected]
Registrant Email: fb6ff66ef97c0518s@
Registrant Fax Ext: 3432650ec337c945
Registrant Fax Ext: 3495bcf1839c6374
Registrant Fax: 3495bcf1839c6374
Registrant Fax: 7bc26f5a5e70d417
Registrant Name: 3495bcf1839c6374
Registrant Name: 7bc26f5a5e70d417
Registrant Organization: 7bc26f5a5e70d417
Registrant Phone Ext: 3432650ec337c945
Registrant Phone Ext: 3495bcf1839c6374
Registrant Phone: 3495bcf1839c6374
Registrant Phone: 7bc26f5a5e70d417
Registrant Postal Code: 3495bcf1839c6374
Registrant Postal Code: 7bc26f5a5e70d417
Registrant State/Province: b3d814cc6972537b
Registrant Street: 3495bcf1839c6374
Registrant Street: 7bc26f5a5e70d417
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.2013775952
Registrar Abuse Contact Phone: +91.2230797500
Registrar IANA ID: 303
Registrar Registration Expiration Date: 2025-03-29T13:09:56Z
Registrar URL: http://www.PublicDomainRegistry.com
Registrar URL: www.publicdomainregistry.com
Registrar WHOIS Server: whois.PublicDomainRegistry.com
Registrar WHOIS Server: whois.publicdomainregistry.com
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registry Admin ID: GDPR Masked
Registry Admin ID: REDACTED
Registry Domain ID: Not Available From Registry
Registry Domain ID: f0f035eff57f45fbb2fc7a0b09936879-DONUTS
Registry Expiry Date: 2026-03-29T13:09:56Z
Registry Registrant ID: GDPR Masked
Registry Registrant ID: REDACTED
Registry Tech ID: GDPR Masked
Registry Tech ID: REDACTED
Tech City: GDPR Masked
Tech City: REDACTED
Tech Country: GDPR Masked
Tech Country: REDACTED
Tech Email: [email protected]
Tech Organization: GDPR Masked
Tech Organization: REDACTED
Tech Postal Code: GDPR Masked
Tech Postal Code: REDACTED
Tech State/Province: GDPR Masked
Tech State/Province: REDACTED
Updated Date: 2025-03-29T14:33:51Z
Updated Date: 2025-03-29T14:33:52Z
references
https://threatfox.abuse.ch/export/csv/recent/
subdomains count
0

IOC Journey

medium
First detected 1 year ago · Last seen 12 days ago
Appeared in 13 threat reports