IOC Radar
Domain · Medium · Signal 83/100

ollx.65465377.xyz

First Seen: Apr 9, 2025 (430d ago)
Last Seen: Apr 6, 2026 (68d ago)
Reports: 8 source reports
Confidence: 83% (medium)
VirusTotal: 14/91 detections
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 83%
Signal Score: 83 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 20 techniques

Feed Intelligence Summary

8 reports · 83% confidence
Category tags: botnet, botnet activity, brand impersonation, brute force, command and control, credential harvesting, credential stuffing, data exfiltration, data store exposure, deceptive content, dga, distributed attacks, exploitation activity, hex, identity & access exploitation, indicator, injection activity, link injection, malicious domains, malicious software, malware, malware distribution, network, phish, phishing, phishing attack, phishing campaign detected, phishing campaign detection, polcert, process injection, researched, social engineering, t1048, t1055, t1071, t1071.001, t1189, t1192, t1204, t1204.001, t1486, t1496, t1499.002, t1499.003, t1534, t1565, t1566, t1566.001, t1566.002, t1566.003, t1598, t1598.003

Activity Timeline

1 total obs · Apr 6

Threat Activity Heatmap

Peak: 2026-04-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), the domain ollx.65465377.xyz, represents a significant and active threat to organizational security. With a high score of 82.9 and no whitelist status, it is strongly associated with malicious activities, particularly phishing and potential command and control operations. Its presence within an environment could serve as an initial entry point for attackers, leading to credential theft, malware deployment, or the establishment of persistent access. Such compro…

Threat Score: High Risk
Signal Score: 83
Confidence: 83%
Reports: 8
First seen: Apr 9, 2025
Last seen: Apr 6, 2026

VirusTotal

14/91 vendors flagged
15% detection rate · Jun 3, 2026

WHOIS

Create date: 2025-04-08 00:00:00
Domain name: 65465377.xyz
Domain registrar id: 1606
Domain registrar url: https://www.reg.ru/
Expiry date: 2026-04-08 00:00:00
Name server 1: jerome.ns.cloudflare.com
Name server 2: gabriella.ns.cloudflare.com
Query time: 2025-04-09 13:05:21
Registrant company: d1cc1d1ae958d014
Registrant country: Poland
Registrant email: 29e2c061f3c9524es@
Registrant state: 1e9acc27bbce341a


IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 8 threat reports