DomainMediumSignal 100/100

`ms.wsupdatecloud.net`

Location

Canada

First Seen

Jul 5, 2025

Last Seen

Jun 20, 2026

Jul 5

First Seen

357d ago

Jun 20

Last Seen

7d ago

Reports

source reports

99%

Confidence

medium

Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

99%

Signal Score

100 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

53 techniques

Feed Intelligence Summary

9 reports99% confidence

Source reports

99%

Confidence score

Category tags

active scanningaisocaisoc dnsakamaiaptaptq95asp.net backdoorassessment blogattack targetsbackdoorblogbotnetbuilding constructioncanadacanada daychamd5 blogchiselchisel malwarecommand and controlcommunications networksconstruction materialsconstruction safetyconstruction technologycontactcredential accesscredential harvestingcritical infrastructurecustom malwaredata exfiltrationdefense systemsdetection tooldistributed attacksdll injectionemergency servicesenergyenergy distributionenergy systemsexchange serverexploitationfileless malwarefilesfinancial systemsfraud riskgogovernment facilitiesgrouphigh-tech sectorindicatoriot icslateral movementmalicious dllmalicious softwaremalwarememory injectionmicrosoft exchangenetworknetwork probingnighteaglenighteagle aptnorth americaoil & gasowa/authpathsphishingphishing attackpost-exploitationpower generationpower systemsprocess injectionr1090reconnaissanceremote accessrenewable energyresearchedsoarsocial engineeringstringssupply chain attackt1003t1003.003t1005t1008t1027t1027.002t1041t1053.005t1055t1059t1059.001t1059.003t1059.004t1068t1070t1071t1071.001t1071.004t1078t1083t1090t1090.001t1090.003t1105t1114.002t1133t1189t1190t1204.002t1205.001t1486t1496t1499.002t1499.003t1505.003t1518.001t1552.001t1555t1565t1565.001t1566t1566.001t1566.002t1566.003t1566.004t1567.002t1568.002t1573.001t1583.001t1584.004t1595.001t1595.002t1595.003the constant companytransportation networkstucowsus-based c2water systemsweb shellzero-day exploit

Activity Timeline

1 total obs

Jun 20Jun 20

Threat Activity Heatmap

· Peak: 2026-06-20

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Intelligence SummaryAI Generated

The domain ms.wsupdatecloud.net has emerged as a significant indicator of compromise (IOC) associated with multiple cyber threats, including botnet activity, malware distribution, and phishing campaigns. First observed on July

Threat ScoreHigh Risk

100

SIGNAL

Signal Score

99%

Confidence

Reports

First seenJul 5, 2025

Last seenJun 20, 2026

VirusTotal

Not checked

WHOIS

registrar: Dynadot Inc
raw: Creation Date: 2025-07-04T09:47:44Z DNSSEC: unsigned Domain Name: WSUPDATECLOUD.NET Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: CHIP.NS.CLOUDFLARE.COM Name Server: SANDY.NS.CLOUDFLARE.COM Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +16502620100 Registrar IANA ID: 472 Registrar URL: http://www.dynadot.com Registrar WHOIS Server: whois.dynadot.com Registrar: Dynadot Inc Registry Domain ID: 2997371443_DOMAIN_NET-VRSN Registry Expiry Date: 2026-07-04T09:47:44Z Updated Date: 2025-07-04T09:52:38Z

`ms.wsupdatecloud.net`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey