IOC Radar
DomainHighVerifiedSignal 80/100

shampobiskworld.nl

Location
GermanyGermany
First Seen
Jun 16, 2026
Last Seen
Jun 18, 2026
Jun 16
First Seen
12d ago
Jun 18
Last Seen
9d ago
6
Reports
source reports
80%
Confidence
high
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
80%
Signal Score
80 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

23 techniques

Feed Intelligence Summary

6 reports80% confidence
6
Source reports
80%
Confidence score
Category tags
ai-themed luresasyncratchinese threat actoreuropegermanyindicatorinjection activitymalwaremulti-stage infectionnetworkphishingprocess hollowingreflective injectionresearchedscheduled taskst1027t1036t1053.005t1055.012t1059t1059.001t1059.003t1059.005t1070.004t1071.001t1082t1095t1106t1112t1113t1140t1204t1204.001t1218.011t1497t1562.001t1566t1573.001threat actortor nodetrojan

Activity Timeline

1 total obs
Jun 18Jun 18

Threat Activity Heatmap

· Peak: 2026-06-18
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

This indicator of compromise (IOC), `shampobiskworld.nl`, represents a critical threat to organizational security, evidenced by its high threat score of 79.96 and explicit association with malicious activity. The domain is implicated in a documented campaign where threat actors weaponize AI hype to distribute the `AsyncRAT` malware. If left unaddressed, this IOC poses a severe risk of facilitating unauthorized remote access, extensive data exfiltration, and the establishment of persistent footho…

Threat ScoreHigh Risk
80
SIGNAL
Signal Score
80%
Confidence
6
Reports
First seenJun 16, 2026
Last seenJun 18, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

domain rank
-1
raw
Creation Date: 2026-03-30 DNSSEC: no Domain name: shampobiskworld.nl Status: active Updated Date: 2026-04-18 ns1.sedoparking.com ns2.sedoparking.com
references
https://www.fortinet.com/blog/threat-research/threat-actors-weaponize-ai-hype-to-deliver-asyncrat
subdomains count
4

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 12 days ago · Last seen 9 days ago
Appeared in 6 threat reports