DomainHighVerifiedSignal 26/100

`nsoftgetpc.com`

Location

United States

First Seen

Jul 8, 2025

Last Seen

Mar 24, 2026

Jul 8

First Seen

341d ago

Mar 24

Last Seen

82d ago

Reports

source reports

26%

Confidence

high

Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

26%

Signal Score

26 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

159 techniques

Feed Intelligence Summary

5 reports26% confidence

Source reports

26%

Confidence score

Category tags

abuseadvanced persistent threatamazonappleaptapt groupberbewbingbotnetcaretocivilcivil servicescivilian targetingcode injectioncommand and controlcommunication technologiescompromised routercompromised softwarecredential harvestingcrimedata exfiltrationdata theftddos attacksdefense evasiondefense-evasiondistributed attacksdnselectronic health recordsencrypted connectionsendgameenterprise securityeu cyber policieseuropeexploitfirmware infectionfirmware modificationformbook stealergooglegovernment technologyhackershealth care and social assistancehealth information technologyhealthcare information systemshospital managementhtml smugglinghtml_smugglingindicatorinformation technologyingress tool transferintelligence agency surveillanceinternet of thingsiosios malwareiot botnetiot/ics attackit infrastructureitop vpnjavalaw enforcement surveillancelazarus grouplinklinuxlinux malwaremacmalicious softwaremalwaremalware campaignmalware distributionmass surveillancemedical servicesmirai botnetmobilemobile carriersmobile malwaremobile networksmobile securitymobile spywarenetworknorth americansonso groupoperating systemparagonpatch managementpatient carepdfpdf exploitpegasuspegasus projectpeoplephishingphishing attackpoliceprocess injectionpublic administrationpublic infrastructurepublic policyregional securityregulatory agenciesremote accessremote access trojanresearchedsamsungsecurity operationsskynetsmssms exploitsocial engineeringsoftware developmentsoftware piracysoftware vulnerabilitiessonystatestate-promovedstate-sponsoredstealersupply chain attackt1001t1003t1003.001t1003.004t1004t1005t1011t1016t1018t1019t1020t1021.001t1021.006t1027t1036t1037t1037.003t1041t1053t1055t1055.001t1056t1059t1059.001t1059.004t1059.007t1062t1064t1068t1069.001t1070t1071t1071.001t1071.004t1076t1078t1078.004t1082t1084t1087t1088t1094t1105t1110t1113t1114.002t1130t1133t1156t1185t1187t1189t1190t1192t1193t1195t1199t1202t1204t1204.001t1204.002t1205t1210t1211t1212t1218.001t1485t1486t1490t1491t1495t1496t1497t1499.002t1499.003t1505t1529t1530t1539t1543t1546t1547t1552t1553t1553.003t1553.004t1555t1556t1557t1562t1563.002t1564t1565t1566t1566.001t1566.002t1566.003t1566.004t1567t1568t1569t1571t1573t1574t1578t1580t1583t1584t1585t1586t1587t1587.003t1588t1588.002t1588.006t1589t1590t1591t1592t1593t1594t1595t1596t1596.001t1596.004t1597t1598t1599t1600t1601t1602t1602.001t1602.002t1606t1608t1609t1610t1611t1612t1613t1614t1615t1619t1620t1621t1622t1647t1648t1649t1650t1651t1652t1653t1654t1656t1657t1659t1665t1666targeted spyware campaigntargeted-attackstelecom servicestelecommunicationsthreat intelligencetraffic maskingtrojan distributiontrojan downloadertrojan malwareunited statesweb exploitationwindows malwarewixzero click exploitzero-day exploit

Activity Timeline

1 total obs

Mar 24Mar 24

Threat Activity Heatmap

· Peak: 2026-03-24

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

The domain **nsoftgetpc.com** has been identified as a critical indicator of compromise (IOC) associated with advanced persistent threat (APT) activities originating from the United States. First observed on July

Threat ScoreLow Risk

SIGNAL

Signal Score

26%

Confidence

Reports

First seenJul 8, 2025

Last seenMar 24, 2026

Verified IOC

VirusTotal

Not checked

WHOIS

description: Operation Endgame 2: Mass, permanent surveillance targeting civilians without warrants. Advanced tools infect devices via malicious links (WhatsApp/SMS/email) or PDFs with zero-day exploits. Clicking executes malware: Pegasus (Android/iOS) or Mirai (Linux/Windows), enrolling devices into a botnet. Infections are persistent, often replacing device/router firmware, requiring hardware changes. Malicious traffic hides via Google/Cloudflare DNS. Thousands of companies collaborate (Amazon, Google, Microsoft, Facebook, WhatsApp, Apple, etc.), providing servers, domains, and websites to mask attacks. This enables agencies to infect targets even when accessing legitimate services (e.g., logging into Amazon) if the browser is vulnerable. Attacks are targeted, evading firewalls, and expose private data, risking targets' physical safety. The operation involves multiple allied states.
domain rank: -1
raw: Administrative city: Reykjavik Administrative country: Iceland Administrative email: [email protected] Administrative state: Capital Region Create date: 2024-11-21 00:00:00 Domain name: nsoftgetpc.com Domain registrar id: 1068 Domain registrar url: http://www.namecheap.com Expiry date: 2025-11-21 00:00:00 Name server 1: tiffany.ns.cloudflare.com Name server 2: leonard.ns.cloudflare.com Query time: 2024-11-22 14:45:33 Registrant city: ddbf76e4e8cee320 Registrant company: 4b7a0912c26a13e2 Registrant country: Iceland Registrant email: [email protected] Registrant name: 37bfbc24cafea5d2 Registrant phone: 8887f09f69a004c2 Registrant state: 3e0204199d8ebf9c Registrant zip: f206c9d9737ad45d Technical city: Reykjavik Technical country: Iceland Technical email: [email protected] Technical state: Capital Region Update date: 2024-11-21 00:00:00
subdomains count: 0

`nsoftgetpc.com`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy