IOC Radar
DomainMediumSignal 63/100

nerdlabsoftware.com

Location
CanadaCanada
First Seen
Oct 20, 2025
Last Seen
May 24, 2026
Oct 20
First Seen
229d ago
May 24
Last Seen
13d ago
7
Reports
source reports
63%
Confidence
medium
15/91
VirusTotal
detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
63%
Signal Score
63 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

7 techniques

Feed Intelligence Summary

7 reports63% confidence
7
Source reports
63%
Confidence score
Category tags
brute forcecanadacompromised infrastructurecredential harvestingcredential stuffingeuropeidentity & access exploitationindicatormalicious domain disseminationmalwaremalware hostingnetworknorth americaphishphishingphishing attackpolandpolcertresearchedsocial engineeringt1105t1566t1566.001t1566.002t1566.003t1588t1588.002

Activity Timeline

1 total obs
May 24May 24

Threat Activity Heatmap

· Peak: 2026-05-24
Less
More
Mon
Wed
Fri
Jun
·
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), the domain `nerdlabsoftware.com`, represents a significant and immediate threat to organizational security. Its high threat score and inclusion in multiple reputable phishing and malicious domain lists underscore its potential involvement in active malicious campaigns. The domain is strongly associated with phishing techniques, suggesting its use in attempts to acquire sensitive information or gain initial access to target systems. If left unaddressed, communi…

Threat ScoreMedium Risk
63
SIGNAL
Signal Score
63%
Confidence
7
Reports
First seenOct 20, 2025
Last seenMay 24, 2026

VirusTotal

15/ 91vendors flagged
16% detection rateJun 3, 2026

WHOIS

registrar
TUCOWS.COM, CO.
creation date
2017-04-07T17:00:01
expiration date
2027-04-07T17:00:01
updated date
2025-12-28T17:30:26
name servers
NS1.HOVER.COM, NS2.HOVER.COM
country
CA
emails
[email protected], [email protected], [email protected]
org
Contact Privacy Inc. Customer 0147962233
status
clientTransferProhibited https://icann.org/epp#clientTransferProhibited, clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 7 months ago · Last seen 13 days ago
Appeared in 7 threat reports