IOC Radar
Domain · Medium · Signal 0/100

mcafee-upgrade.com

Location
Cuba
First Seen
Oct 2, 2021
Last Seen
Jun 7, 2026
Reports
3 source reports
Confidence
0% (medium)
Found in 3 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags

Feed Intelligence Summary

Category tags
indicator, network, researched

Activity Timeline

1 total observation (Jun 7 to Jun 7)

Threat Activity Heatmap

Peak: 2026-06-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain **mcafee-upgrade.com** has been identified as a potential indicator of compromise (IOC) linked to malicious activities originating from Cuba. First observed on October

Threat Score
Low Risk
Signal Score
0
Confidence
0%
Reports
3
First seen
Oct 2, 2021
Last seen
Jun 7, 2026

VirusTotal

Not checked

WHOIS

registrar
Dynadot Inc
description
Thor Lite Scan - 2026-04-28 SCANID: S-YEFfQ7C4AkQ https://www.virustotal.com/graph/embed/g88c761645ba94ab89e2c7519f789d32264aa4d80eb1a47f597c7e3deb4979e5f?theme=dark
domain rank
-1
raw
Creation Date: 2022-12-19T12:01:00Z
DNSSEC: unsigned
Domain Name: MCAFEE-UPGRADE.COM
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NS1.HWRN.NET
Name Server: NS2.HWRN.NET
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +16502620100
Registrar IANA ID: 472
Registrar URL: http://www.dynadot.com
Registrar WHOIS Server: whois.dynadot.com
Registrar: Dynadot Inc
Registry Domain ID: 2745719536_DOMAIN_COM-VRSN
Registry Expiry Date: 2025-12-19T12:01:00Z
Updated Date: 2024-12-20T03:03:38Z
subdomains count
17

IOC Journey

medium
First detected 4 years ago · Last seen 13 days ago
Appeared in 3 threat reports