DomainMediumSignal 92/100
melbournedistillingco.com.au
Location
United StatesFirst Seen
Apr 14, 2025
Last Seen
Feb 5, 2026
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
92%
Signal Score
92 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
7 reports92% confidence
7
Source reports
92%
Confidence score
Category tags
acrstealeragenttesla malware activityamadeyasciiasyncratbackdoorbotnetbotnetdomainbraodocensyscobaltstrikecoinminercommand and controlcommand executioncredential theftdata exfiltrationdcratddos attacksdistributed attacksdropped-by-acrstealerdropped-by-amadeyelfencodedexegafgytguloaderhajimeindicatorinfostealeringress tool transferinternet of thingsiot botnetiot/ics attackjpg-base64-loaderlummastealermalicious powershell activitymalicious softwaremalwaremetastealermirai botnetmoobotmozimsinetworknorth americaopendirprocess injectionps1quasarratratremcosratremote accessresearchedrev-base64-loadersaint helena, ascension and tristan da cunhascripting attackssharksharkstealersshdkitstegot1005t1027t1055t1059t1059.001t1071t1071.001t1086t1105t1115t1133t1204.002t1486t1496t1499.002t1499.003t1565t1566t1573trojan malwareua-curlua-wgetunited statesvidarvipkeyloggerzip
Activity Timeline
Feb 5Feb 5
Threat Activity Heatmap
· Peak: 2026-02-05LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated
The domain **melbournedistillingco.com.au** has been identified as an active indicator of compromise (IOC) associated with botnet and malware activities. First observed on April
Threat ScoreHigh Risk
92
SIGNAL
Signal Score
92%
Confidence
7
Reports
First seenApr 14, 2025
Last seenFeb 5, 2026
VirusTotal
Not checked
WHOIS
- domain rank
- -1
- raw
- DNSSEC: unsigned Domain Name: melbournedistillingco.com.au Eligibility Type: Company Last Modified: 2025-08-17T10:51:25Z Name Server: ns71.domaincontrol.com Name Server: ns72.domaincontrol.com Registrant Contact ID: 789212cf82d91467 Registrant Contact Name: 9a7a480fbc5e7cb0 Registrant ID: 46e04dfb7cbc8921 Registrant: ff1db70295f1c4d0 Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +1.4805058800 Registrar Name: GoDaddy.com LLC trading as GoDaddy.com Registrar URL: https://www.godaddy.com/en-au/contact-us Registrar WHOIS Server: whois.auda.org.au Registry Domain ID: 08db78d31c5340ed97b3951f51d56aa8-AU Status: clientHold https://identitydigital.au/get-au/whois-status-codes#clientHold Status: clientUpdateProhibited https://identitydigital.au/get-au/whois-status-codes#clientUpdateProhibited Status: pendingDelete https://identitydigital.au/get-au/whois-status-codes#pendingDelete Status: redemptionPeriod https://identitydigital.au/get-au/whois-status-codes#redemptionPeriod Status: serverRenewProhibited https://identitydigital.au/get-au/whois-status-codes#serverRenewProhibited Tech Contact ID: 577c5e8185724405803269a85d884b65-AU
- references
- https://urlhaus.abuse.ch/browse/, https://www.virustotal.com/graph/g256dbe5c638b43eaaedc6cdea6a5c47293c697915e984f63b1879ea874c72669
- subdomains count
- 8
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 4 months ago
Appeared in 7 threat reports