IOC Radar
DomainHighVerifiedSignal 74/100

masterserver.top

Location
BulgariaBulgaria
First Seen
Jan 5, 2024
Last Seen
Jan 23, 2026
Jan 5
First Seen
899d ago
Jan 23
Last Seen
149d ago
5
Reports
source reports
74%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
74%
Signal Score
74 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

17 techniques

Feed Intelligence Summary

5 reports74% confidence
5
Source reports
74%
Confidence score
Category tags
botnetbotnet activitybulgariac2 domainscommand and controldata exfiltrationdistributed attackseuropeindicatorindicators of compromiseiocmachine learning detectionmalicious softwaremalwaremalware communicationmalware domainsnetworkprocess injectionresearchedt1001t1041t1055t1071t1071.001t1071.004t1105t1486t1496t1499.002t1499.003t1565t1568t1568.002t1573t1573.001t1573.002

Activity Timeline

1 total obs
Jan 23Jan 23

Threat Activity Heatmap

· Peak: 2026-01-23
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **masterserver.top**, originating from Bulgaria, has been identified as a critical indicator of compromise (IOC) associated with botnet and malware activities. First observed on January

Threat ScoreHigh Risk
74
SIGNAL
Signal Score
74%
Confidence
5
Reports
First seenJan 5, 2024
Last seenJan 23, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

registrar
Namecheap Inc.
description
Command and Control domains for malware known as Alphacrypt. These domains are extracted from malware sandbox reports using a Machine Learning model trained on a corpus of good and bad domains.
domain rank
-1
raw
Admin City: REDACTED FOR PRIVACY Admin Country: REDACTED FOR PRIVACY Admin Organization: REDACTED FOR PRIVACY Admin Postal Code: REDACTED FOR PRIVACY Admin State/Province: REDACTED FOR PRIVACY Creation Date: 2022-03-16T18:52:05Z DNSSEC: unsigned Domain Name: masterserver.top Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: dns1.registrar-servers.com Name Server: dns2.registrar-servers.com Registrant City: 1f8f4166599d23ee Registrant Country: IS Registrant Email: f651612a2f356ad3s@ Registrant Fax Ext: 1f8f4166599d23ee Registrant Fax: 1f8f4166599d23ee Registrant Name: 1f8f4166599d23ee Registrant Organization: 1f8f4166599d23ee Registrant Phone Ext: 1f8f4166599d23ee Registrant Phone: 1f8f4166599d23ee Registrant Postal Code: 1f8f4166599d23ee Registrant State/Province: 3e0204199d8ebf9c Registrant Street: 1f8f4166599d23ee Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +86.6613102107 Registrar IANA ID: 1068 Registrar URL: https://www.namecheap.com/ Registrar WHOIS Server: whois.namecheap.com Registrar: Namecheap Inc. Registry Admin ID: REDACTED FOR PRIVACY Registry Domain ID: D20220317G10001G_78065328-top Registry Expiry Date: 2026-03-16T18:52:05Z Registry Registrant ID: REDACTED FOR PRIVACY Registry Tech ID: REDACTED FOR PRIVACY Tech City: REDACTED FOR PRIVACY Tech Country: REDACTED FOR PRIVACY Tech Organization: REDACTED FOR PRIVACY Tech Postal Code: REDACTED FOR PRIVACY Tech State/Province: REDACTED FOR PRIVACY Updated Date: 2022-03-16T18:52:09Z
subdomains count
1

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 2 years ago · Last seen 4 months ago
Appeared in 5 threat reports