IOC Radar
Domain · High · Verified · Signal 49/100

stmod.net

Location
United States
First Seen
Jan 19, 2024
Last Seen
May 30, 2026
5
Reports
source reports
49%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
49%
Signal Score
49 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

56 techniques

Feed Intelligence Summary

5 reports · 49% confidence
5
Source reports
49%
Confidence score
Category tags

Activity Timeline

1 total obs
May 30

Threat Activity Heatmap

Peak: 2026-05-30
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain **stmod.net**, originating from the United States, has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats. First observed on January

Threat Score: Medium Risk
49
SIGNAL
Signal Score
49%
Confidence
5
Reports
First seen: Jan 19, 2024
Last seen: May 30, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

registrar
HOSTINGER operations, UAB
domain rank
-1
raw
Creation Date: 2020-12-25T21:37:33Z
DNSSEC: unsigned
Domain Name: STMOD.NET
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NS1.DNS-PARKING.COM
Name Server: NS2.DNS-PARKING.COM
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +37064503378
Registrar IANA ID: 1636
Registrar URL: http://www.hostinger.com
Registrar WHOIS Server: whois.hostinger.com
Registrar: HOSTINGER operations, UAB
Registry Domain ID: 2580870717_DOMAIN_NET-VRSN
Registry Expiry Date: 2025-12-25T21:37:33Z
Updated Date: 2025-04-24T07:56:41Z
subdomains count
4

IOC Journey

high
First detected 2 years ago · Last seen 11 days ago
Appeared in 5 threat reports