IOC Radar
Domain · Medium · Signal 74/100

palgong-cc.co.kr

Location
Korea, Republic of
First Seen
Oct 22, 2025 (235d ago)
Last Seen
Mar 5, 2026 (101d ago)
Reports
7 source reports
Confidence
74% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
74%
Signal Score
74 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

27 techniques

Feed Intelligence Summary

7 reports · 74% confidence
Category tags
aerospace & defense · apt · apt38 activity · bangladesh bank heist · banking · bitcoin · blockchain · bluenoroff · cisa kev · civil services · commodity contracts intermediation · communications networks · credit card services · critical infrastructure · crypto exchange · crypto mining · crypto wallet · cryptocurrency · cryptocurrency threats · cryptojacking · cyber threats · decentralized finance · defense · defense contracting · defense logistics · defense systems · defense technology · diamond sleet · digital currency · dtrack · electronic health records · emergency services · energy systems · exploit available · fastcash · files · finance · financial motivation · financial services · financial systems · financial technology · government facilities · government technology · group campaign · guardians of peace · haobao · health care and social assistance · health information technology · healthcare information systems · hidden cobra · hospital management · impact · in the wild · indicator · keylogger · korea, republic of · lazarus · lazarus group · lazarus threat · major · malware email · mata · media · medical services · military operations · national security · network · nickel academy · operating system · operation dream · patient care · payment processing · public administration · public infrastructure · public policy · ransomware · rats · regulatory agencies · researched · resource hijacking · sabotage · service · shadow brokers · slow · sony pictures attack · swift · t1021.001 · t1027.002 · t1041 · t1047 · t1048.003 · t1053 · t1055 · t1059 · t1068 · t1069.001 · t1071 · t1074 · t1078 · t1095 · t1134.002 · t1189 · t1204.002 · t1486 · t1496 · t1499.001 · t1547.001 · t1561.001 · t1566 · t1566.001 · t1567.002 · t1574.001 · t1574.012 · team · tflower · themida · threat · tradertraitor · transportation networks · wannacry · water systems · wealth management · zinc

Activity Timeline

1 total obs
Mar 5

Threat Activity Heatmap

Peak: 2026-03-05
[Heatmap: activity by weekday and month, Jun through Jun]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score
High Risk
Signal Score
74

VirusTotal

Not checked

WHOIS

registrar
Whois Corp. (http://whois.co.kr)
creation date
2008-07-02T00:00:00
expiration date
2028-07-02T00:00:00
updated date
2022-03-11T00:00:00
name servers
ns1.whoisdomain.kr, ns2.whoisdomain.kr, ns3.whoisdomain.kr, ns4.whoisdomain.kr

IOC Journey

medium
First detected 7 months ago · Last seen 3 months ago
Appeared in 7 threat reports