DomainMediumSignal 0/100

`rarecrew.com`

First Seen

Sep 25, 2025

Last Seen

Sep 27, 2025

Sep 25

First Seen

270d ago

Sep 27

Last Seen

269d ago

Reports

source reports

Confidence

medium

Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

Signal Score

0 / 100

IDS Rule

Threat Context

Feed Intelligence Summary

2 reports0% confidence

Source reports

Confidence score

Category tags

indicatornetworkresearched

Activity Timeline

1 total obs

Sep 27Sep 27

Threat Activity Heatmap

· Peak: 2025-09-27

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Dormant

Intelligence SummaryAI Generated

The domain **rarecrew.com** has emerged as a significant indicator of compromise (IOC) in recent threat intelligence reports, first observed on September

Threat ScoreLow Risk

SIGNAL

Signal Score

Confidence

Reports

First seenSep 25, 2025

Last seenSep 27, 2025

VirusTotal

Not checked

WHOIS

description: Downloads to targeted person’s networks, Smart TV, and other devices , Win.Trojan.Emotet-9850453-0 , Worm:Win32/AutoRun!atmn IDS Detections W32.Bloat-A Checkin Suspicious Dynamic DNS Update Request Suspicious User-Agent (MyApp) DYNAMIC_DNS Query to Abused Domain *.mooo.com Yara Detections Zeppelin_30 , Zeppelin_19 , ConventionEngine_Term_Desktop , ConventionEngine_Term_Users , Delphi Alerts: procmem_yara process_creation_suspicious_location multiple_useragents network_bind network_cnc_https_socialmedia persistence_autorun cape_detected_threat network_cnc_https_socialmedia antivm_generic_disk infostealer_cookies infostealer_keylog , File Win.Trojan.Emotet-9850453-0 , Worm:Win32/AutoRun!atmn IDS Detections : W32.Bloat-A Checkin | Suspicious Dynamic DNS Update Request | Suspicious User-Agent (MyApp) | DYNAMIC_DNS Query to Abused Domain | *.mooo.com BobSoft Mini Delphi -> BoB / BobSoft

`rarecrew.com`

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey