DomainHighVerifiedSignal 58/100

`load.auraria.org`

First Seen

Jun 2, 2026

Last Seen

Jun 9, 2026

Jun 2

First Seen

10d ago

Jun 9

Last Seen

3d ago

Reports

source reports

80%

Confidence

high

Found in 1 report. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

80%

Signal Score

58 / 100

IDS Rule

Yes

Threat Context

Threat Actors3

LLazarus Group KKimsuky AAPT43

Feed Intelligence Summary

1 report80% confidence

Securelist

May 14, 2026

Kimsuky targets organizations with PebbleDash-based tools

42 IOCs in report

Activity Timeline

1 total obs

May 14May 14

Threat Activity Heatmap

· Peak: 2026-05-14

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

The domain **load.auraria.org** has been identified as a critical indicator of compromise (IOC) associated with multiple advanced persistent threat (APT) groups, including the Lazarus Group, Kimsuky, and APT

Threat ScoreMedium Risk

SIGNAL

Signal Score

80%

Confidence

Reports

First seenJun 2, 2026

Last seenJun 9, 2026

Verified IOC

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

high

First detected 10 days ago · Last seen 3 days ago

Appeared in 1 threat report from 1 source

Associated with: Lazarus Group, Kimsuky, APT43

load.auraria.org

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

Related Reports

VirusTotal

Export & API

IOC Journey

`load.auraria.org`