DomainMediumSignal 83/100

`longejh5gj5igfinj36rmqt2ydx2vun6zmditi3ij6hebawnn4xucqad.onion`

Location

Iran, Islamic Republic of

First Seen

Mar 11, 2026

Last Seen

Mar 25, 2026

Mar 11

First Seen

103d ago

Mar 25

Last Seen

89d ago

Reports

source reports

83%

Confidence

medium

Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

83%

Signal Score

83 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

16 techniques

Feed Intelligence Summary

7 reports83% confidence

Source reports

83%

Confidence score

Category tags

abuseakiraalienvault_ransomwareaptasiaasyncratbackdoorcajachatcloud computingcloud migrationcloud securitycloud servicescloud storagecobalt strikecommand and controlcredential harvestingcyber campaigndata encryptiondata exfiltrationdata leakdevmandgaeasyencryptextortionglasswormgroupindicatoriociranlockbitmalicious softwaremalwaremanual-collectionmedium-riskmegamulti-cloud managementmulti-vector threat campaignnetworkoperation camelclonephishing attackprocess injectionpsexecqakbotransom noteransomwareremote accessresearchedserviceshisasocial engineeringstatssystem disruptiont1027t1055t1059t1059.001t1071t1071.001t1105t1133t1486t1490t1565t1566t1566.001t1566.002t1566.003t1569.002tengutengu ransomwarethreat grouptype osintvoid#geistyarayara rule

Activity Timeline

1 total obs

Mar 25Mar 25

Threat Activity Heatmap

· Peak: 2026-03-25

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Threat ScoreHigh Risk

SIGNAL

Signal Score

83%

Confidence

Reports

First seenMar 11, 2026

Last seenMar 25, 2026

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

medium

First detected 3 months ago · Last seen 2 months ago

Appeared in 7 threat reports