DomainMediumSignal 78/100

`mofa.ungov.org`

Location

Turkey

First Seen

Jul 2, 2021

Last Seen

Feb 19, 2026

Jul 2

First Seen

1819d ago

Feb 19

Last Seen

126d ago

Reports

source reports

78%

Confidence

medium

Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

78%

Signal Score

78 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

10 techniques

Feed Intelligence Summary

7 reports78% confidence

Source reports

78%

Confidence score

Category tags

botnetcertcommand and controlcredential harvestingdata exfiltrationdistributed attacksindicatormalicious softwaremalwarenetworkphishing attackprocess injectionresearchedsocial engineeringt1055t1071.001t1486t1496t1499.002t1499.003t1565t1566.001t1566.002t1566.003turkey

Activity Timeline

1 total obs

Feb 19Feb 19

Threat Activity Heatmap

· Peak: 2026-02-19

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Dormant

Intelligence SummaryAI Generated

The domain **mofa.ungov.org** has been identified as a significant indicator of compromise (IOC) associated with botnet and malware activities, originating from Turkey. First observed on July

Threat ScoreHigh Risk

SIGNAL

Signal Score

78%

Confidence

Reports

First seenJul 2, 2021

Last seenFeb 19, 2026

VirusTotal

Not checked

WHOIS

registrar: IONOS SE
creation date: 2025-10-13T20:27:45
expiration date: 2026-10-13T20:27:45
updated date: 2025-10-18T20:28:07
name servers: ns1050.ui-dns.biz, ns1089.ui-dns.com, ns1089.ui-dns.org, ns1125.ui-dns.de
emails: [email protected]
status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited

`mofa.ungov.org`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey