DomainHighVerifiedSignal 58/100

`signspace.cloud`

First Seen

Jun 2, 2026

Last Seen

Jun 2, 2026

Jun 2

First Seen

7d ago

Jun 2

Last Seen

7d ago

Reports

source reports

80%

Confidence

high

Found in 1 report. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

80%

Signal Score

58 / 100

IDS Rule

Yes

Threat Context

Threat Actors2

AAkira MMuddyWater

Malware Families4

AAkira LLumma RRhysida VVidar

Feed Intelligence Summary

1 report80% confidence

Microsoft Threat Intelligence

May 19, 2026

Exposing Fox Tempest: A malware-signing service operation

8 IOCs in report

Activity Timeline

1 total obs

May 19May 19

Threat Activity Heatmap

· Peak: 2026-05-19

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Intelligence SummaryAI Generated

The domain **signspace.cloud** has been identified as a critical indicator of compromise (IOC) associated with advanced persistent threat (APT) activities. First observed on June

Threat ScoreMedium Risk

SIGNAL

Signal Score

80%

Confidence

Reports

First seenJun 2, 2026

Last seenJun 2, 2026

Verified IOC

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

high

First detected 7 days ago · Last seen 7 days ago

Appeared in 1 threat report from 1 source

Associated with: Akira, MuddyWater

Used by malware: Akira, Lumma, Rhysida, Vidar

signspace.cloud

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

Related Reports

VirusTotal

Export & API

IOC Journey

`signspace.cloud`