IOC Radar
Domain · Medium · Signal 100/100

moufflcmgz.run

Location
Estonia
First Seen
Jun 6, 2025
Last Seen
Feb 23, 2026
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

33 techniques

Feed Intelligence Summary

11 source reports
99% confidence score
Category tags
attack, botnet, browser infection, c2, c2 communication, clipboard data theft, cobalt strike, command and control, community management, compromised account, content sharing, cookie theft, cookies stealer, credential access, credential stealing, crypto wallet stealer, crypto wallet theft, data exfiltration, data theft, dga, digital platforms, distributed attacks, estonia, europe, form grabbing, havoc, havokiz havoc, indicator, information stealer, infostealer, lumma, lumma infostealer activity, lumma stealer, lumma stealer activity, lummastealer, malicious activity, malicious software, malware, malware distribution, network, none vidar, password stealer, process injection, researched, social analytics, social media, social media attack, social media marketing, social media security, social networking, stealer, t1003, t1005, t1041, t1055, t1059, t1059.001, t1059.004, t1071, t1071.001, t1071.004, t1078, t1081, t1105, t1115, t1189, t1483, t1486, t1496, t1499.002, t1499.003, t1539, t1552, t1555, t1555.001, t1555.002, t1555.003, t1560, t1565, t1566, t1566.001, t1569.002, t1573, t1583.001, threat actor, threat actor activity, twitter, twitter malware, user engagement, vidar, web data theft, x.com malware

Activity Timeline

1 total obs
Feb 23

Threat Activity Heatmap

Peak: 2026-02-23
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Intelligence Summary (AI Generated)

The domain **moufflcmgz.run**, originating from Estonia, has been identified as a critical indicator of compromise (IOC) associated with botnet and command-and-control (C

Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 11
First seen: Jun 6, 2025
Last seen: Feb 23, 2026

VirusTotal

Not checked

WHOIS

domain rank
-1
raw
Administrative city: REDACTED
Administrative country: REDACTED
Administrative state: REDACTED
Create date: 2025-06-02 00:00:00
Domain name: moufflcmgz.run
Domain registrar id: 303
Domain registrar url: http://www.PublicDomainRegistry.com
Expiry date: 2026-06-02 00:00:00
Name server 1: dns3.regway.com
Name server 2: dns2.regway.com
Name server 3: dns4.regway.com
Name server 4: dns1.regway.com
Query time: 2025-06-03 11:11:12
Registrant city: 3495bcf1839c6374
Registrant company: cbb79ffb8659d8c8
Registrant country: Russia
Registrant email: fb6ff66ef97c0518s@
Registrant fax: 3495bcf1839c6374
Registrant name: 3495bcf1839c6374
Registrant phone: 3495bcf1839c6374
Registrant state: 1c83644886e854ce
Registrant zip: 3495bcf1839c6374
Technical city: REDACTED
Technical country: REDACTED
Technical state: REDACTED
Update date: 2025-06-03 00:00:00
references
https://www.virustotal.com/graph/embed/gc46a4e8056a7450da632babf7573164dae8ee12a0f86421596e775d0067a6c81?theme=light
https://www.virustotal.com/gui/collection/88240b6df014a6ccd3077a3fee4605c3f4884451867f79d2516fb3f409bc0ba2
https://x.com/FABO97662188/status/1932118778625532413
subdomains count
0

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 11 threat reports