IOC Radar
Domain · Medium · Signal 82/100

serverlogs37.xyz

Location
Germany
First Seen
Jun 19, 2023
Last Seen
Feb 19, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 82%
Signal Score: 82 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

2 techniques

Feed Intelligence Summary

10 source reports · 82% confidence score
Category tags
8base, apt, automotive manufacturing, banking, belleza equipos, beware, black, ciudad, credit card services, data encryption, electronics manufacturing, encryption, europe, extortion, finance, finance and insurance, financial services, financial technology, germany, get request, indicator, industrial automation, industrial iot, industrial production, information technology, iot security, it infrastructure, leer ms, local, malware, manufacturing technology, mobile threat, network, payment processing, phobos, phobos variant, poltica, process manufacturing, quality control, raas, ransom group, ransomhouse, ransomware, researched, sala, service, smokeloader, software development, summer, supply chain attack, supply chain management, system disruption, systembc, t1486, t1490, threat actor, tor node, twitter, utensilios, vaporal, vista, vmware carbon, wealth management, wishlist vista, word, xyz data

Activity Timeline

1 total obs
Feb 19

Threat Activity Heatmap

Peak: 2026-02-19
Activity by window: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 82
Confidence: 82%
Reports: 10
First seen: Jun 19, 2023
Last seen: Feb 19, 2026

VirusTotal

Not checked

WHOIS

registrar: Stichting Registrar of Last Resort Foundation
domain rank: -1
raw:
Creation Date: 2023-06-09T14:58:51.0Z
DNSSEC: unsigned
Domain Name: SERVERLOGS37.XYZ
Domain Status: pendingDelete https://icann.org/epp#pendingDelete
Domain Status: redemptionPeriod https://icann.org/epp#redemptionPeriod
Domain Status: serverHold https://icann.org/epp#serverHold
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Name Server: DE-A.SINKHOLE.SHADOWSERVER.ORG
Name Server: DE-B.SINKHOLE.SHADOWSERVER.ORG
Registrant Country: US
Registrant Email: f651612a2f356ad3s@
Registrant Organization: 92ce981a2b124200
Registrant State/Province: b1952dfc047df18a
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +31.206717452
Registrar IANA ID: 2482
Registrar URL: https://www.rolr.eu
Registrar WHOIS Server: whois.rolr.eu
Registrar: Stichting Registrar of Last Resort Foundation
Registry Domain ID: D373725804-CNIC
Registry Expiry Date: 2025-06-09T23:59:59.0Z
Updated Date: 2024-08-14T13:03:37.0Z
references: https://blogs.vmware.com/security/2023/06/8base-ransomware-a-heavy-hitting-player.html
subdomains count: 2


IOC Journey

medium
First detected 3 years ago · Last seen 3 months ago
Appeared in 10 threat reports