IOC Radar
Domain · Medium confidence · Signal 15/100

tiktokus.info

Location: Japan
First Seen: Jul 8, 2025 (353 days before page render)
Last Seen: Aug 8, 2025 (322 days before page render)
Reports: 3 source reports
Confidence: 15% (medium)
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: tiktokus.info. Indicator-type description: malicious domain used for C2, phishing, or malware distribution. The three source reports carry both IoT-botnet (Mirai) and phishing/ransomware tags, so the page does not establish which of those roles this domain actually played; with a signal score of 15/100 and no IDS rule, treat it as a lead to verify rather than a block-list entry.
MISP Category: Network Activity
Confidence: 15%
Signal Score: 15 / 100
IDS Rule: No
Threat Context

Tags and MITRE ATT&CK TTPs: 31 techniques (the technique IDs are listed with the category tags under Feed Intelligence Summary)
Feed Intelligence Summary

3 source reports, 15% confidence score

Category tags
active related, africa, agent, alerts, analysis date, asia, av detections, backdoor, botnet, china, code execution, code injection, command and control, command execution, comments create, connected devices, cputype i386, credential access, data access, data copying, data encryption, data exfiltration, data transfer, ddos, ddos attacks, delphi, device management, distributed attacks, elf, elf info, elf32 crypto, entries, europe, exif data, extortion, hostname enumeration, http attack, i386, ids detections, indicator, industrial iot, information gathering, infrastructure acquisition reconnaissance, ingress tool transfer, internet of things, iot analytics, iot applications, iot botnet, iot platforms, iot security, iot/ics attack, ipv4, japan, key value, kingdom, linux, malicious links, malicious software, malware, malware distribution, medium risk, mirai botnet, mozilla, mtb description, network, network scanning, operating system, phishing, post, process injection, property value, pulse pulses, pws, ransomware, ransomware activity detected, ransomx-gen, reconnaissance, remote access, remote services, researched, search, show, showing, smart devices, south africa, system disruption, tiktok, title added, trojan malware, types of, united, united kingdom, web security, win32 malware, windows malware, x86 baddr, xor, yara, yara detections, zombie

MITRE ATT&CK technique tags (31): T1005, T1021, T1021.001, T1027, T1030, T1053.005, T1055, T1059, T1059.004, T1069.001, T1071, T1071.001, T1071.004, T1078, T1105, T1133, T1190, T1204.001, T1204.002, T1486, T1490, T1496, T1499.002, T1499.003, T1565, T1566, T1566.001, T1566.003, T1587.001, T1589.001, T1590.001

These tags are the union of everything attached to the three source reports, and several are scraper noise ("show", "showing", "title added", "key value", "property value"); none of them is evidence about this domain on its own.

Activity Timeline

1 observation in total (Aug 8, 2025)

Threat Activity Heatmap

One active cell at the peak date 2025-08-08; the rest of the displayed Jun 2025 to Jun 2026 window is empty.
Recent activity: 24h 0 · 7d 0 · 30d 0 · 3mo 0 (dormant in every window)
Intelligence Summary (AI generated)

The domain **tiktokus.info** is recorded as an indicator of compromise (IOC) in three source reports that span several threat categories. Its location field reads Japan; the page does not establish where any operator behind it is based. First observed on July

Threat Score: 15 / 100 (Low Risk)

VirusTotal

Not checked

WHOIS

registrar: GANDI SAS
description (feed free text, as served): Yara Detections Mirai_Botnet_Malware | SUSP_XORed_Mozilla {*/dev/misc/watchdog {o-o}} Trojan.PWS.Agent-53 Retry - Difficult- 0 yield Pulse | Cannot annotate
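The description field above carries two YARA rule names, Mirai_Botnet_Malware and SUSP_XORed_Mozilla, and the string /dev/misc/watchdog. A Mirai bot opens /dev/watchdog and /dev/misc/watchdog to disable the hardware watchdog so the device is not rebooted out from under it, and it hides its string table behind a byte-wise XOR; a public hunting rule named SUSP_XORed_Mozilla looks for the user-agent prefix Mozilla/5.0 under a single-byte XOR, on the reasoning that a plain user-agent string is ordinary while an obfuscated one is not. The following is an added example, not code from the IOC Radar page, from any of its source feeds, or from the YARA rule itself: it implements that matching logic in Python over a constructed string table (the key 0x22, the ELF-style header and the three strings are all constructed for the example) and decodes the surrounding strings with the recovered key.

```python
# Added example (not from the IOC Radar page or its feeds): the matching
# logic of a "Mozilla/5.0 under single-byte XOR" rule, run over a constructed
# NUL-separated string table obfuscated with one XOR byte.

PATTERN = b"Mozilla/5.0"
XOR_KEY = 0x22  # constructed key for the sample below; any 0x01-0xff works


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with a single-byte key (the operation is its own inverse)."""
    return bytes(b ^ key for b in data)


def build_sample(key: int = XOR_KEY) -> bytes:
    """Constructed sample: a 4-byte ELF-like header followed by a NUL-separated
    string table XORed with `key`. Not taken from any real binary."""
    table = [
        "/dev/misc/watchdog",        # watchdog device a Mirai bot disables
        "Mozilla/5.0 (compatible)",  # HTTP-flood user-agent
        "POST /cdn-cgi/ HTTP/1.1",
    ]
    plain = b"".join(s.encode() + b"\x00" for s in table)
    return b"\x7fELF" + xor_bytes(plain, key)


def find_xored(blob: bytes, pattern: bytes = PATTERN) -> list:
    """Return (offset, key) for each occurrence of `pattern` XORed with a
    single byte 0x01-0xff. Key 0x00 (plaintext) is deliberately excluded:
    a plain user-agent string is not suspicious, an obfuscated one is."""
    hits = []
    for key in range(1, 256):
        encoded = xor_bytes(pattern, key)
        start = 0
        while (pos := blob.find(encoded, start)) != -1:
            hits.append((pos, key))
            start = pos + 1
    return sorted(hits)


def decode_run(blob: bytes, offset: int, key: int, max_len: int = 256) -> str:
    """Recover the NUL-terminated string at `offset` under `key`. A plaintext
    NUL is stored as the key byte itself, so decoding stops when b ^ key == 0."""
    out = bytearray()
    for b in blob[offset:offset + max_len]:
        c = b ^ key
        if c == 0:
            break
        out.append(c)
    return out.decode("latin-1")


def recover_strings(blob: bytes, key: int) -> list:
    """Decode every NUL-separated string in the table after the 4-byte header."""
    table = xor_bytes(blob[4:], key)
    return [s.decode("latin-1") for s in table.split(b"\x00") if s]


if __name__ == "__main__":
    sample = build_sample()
    for offset, key in find_xored(sample):
        print(f"XORed Mozilla/5.0 at offset {offset}, key 0x{key:02x}: "
              f"{decode_run(sample, offset, key)!r}")
    print(recover_strings(sample, XOR_KEY))
```

On a real sample, pass the file bytes to find_xored; a hit with a non-zero key locates the obfuscated string table, and decode_run with that key recovers the neighbouring strings such as the watchdog path. A rule name in a feed description is only a lead: this page's score is 15/100 and VirusTotal was not checked, so pull the sample behind the report before treating the domain as a Mirai C2.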
domain rank: -1
raw (registrar and registry copies of each field de-duplicated; contact values are served as opaque placeholder tokens):
Domain Name: tiktokus.info
Registry Domain ID: 82e41b757a64499590b71b243cabd42e-DONUTS; D503300001186213625-LRMS
Registrar: GANDI SAS (IANA ID 81)
Registrar URL: https://www.gandi.net
Registrar WHOIS Server: whois.gandi.net
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +33.170377661
Creation Date: 2020-08-12T13:56:40Z; 2020-08-12T15:56:40Z (the two copies differ by two hours)
Updated Date: 2024-08-20T11:05:35Z; 2024-08-20T11:05:36Z
Registry Expiry Date: 2025-08-12T15:56:40Z
Registrar Registration Expiration Date: 2025-08-12T15:56:40Z
Domain Status: clientTransferProhibited (https://icann.org/epp#clientTransferProhibited)
DNSSEC: unsigned
Name Servers: a1-156.akam.net, a12-65.akam.net, a16-66.akam.net, a2-67.akam.net, a3-64.akam.net, a7-65.akam.net
Registrant Country: KY
Registrant Email: [email protected]; f651612a2f356ad3s@ (truncated in source)
Registrant Name, Street, City, Postal Code, Phone, Fax: 1f8f4166599d23ee
Registrant Organization: ca00243dd184ed9d
Registrant State/Province: 3432650ec337c945
Registrant Phone Ext, Fax Ext: 1f8f4166599d23ee; 3432650ec337c945
Registry Registrant ID, Registry Admin ID, Registry Tech ID: REDACTED FOR PRIVACY
Admin and Tech contact (City, Country, Organization, Postal Code, State/Province): REDACTED FOR PRIVACY; Email: [email protected]
subdomains count: 1
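The raw WHOIS record above was collapsed onto one line by the page extractor and carries most fields twice (a registrar copy and a registry copy, differing in case, by a second, or by two hours for Creation Date). The following is an added example, not code from the IOC Radar page: it parses such a dump into fields with a label-driven regex (the label list is the one visible in this record and is an assumption for records from other registrars), de-duplicates the name servers, and compares the registry expiry date with the IOC's last-seen date. The excerpt embedded as RAW_WHOIS is taken from the record shown on this page. For tiktokus.info the expiry (2025-08-12) lies four days after last seen (2025-08-08) and the record was last updated 2024-08-20, so the registration may have lapsed since the sighting and the WHOIS data may describe a different registrant by the time you act on it.

```python
# Added example (not from the IOC Radar page): parse a one-line WHOIS dump,
# de-duplicate registrar/registry copies, and compare expiry with last-seen.
import re
from datetime import date, datetime

# Excerpt of the raw record shown on this page, as the extractor served it.
RAW_WHOIS = (
    "Creation Date: 2020-08-12T13:56:40Z Creation Date: 2020-08-12T15:56:40Z "
    "DNSSEC: Unsigned DNSSEC: unsigned Domain Name: tiktokus.info "
    "Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited "
    "Name Server: A1-156.AKAM.NET Name Server: A12-65.AKAM.NET "
    "Name Server: a1-156.akam.net Name Server: a12-65.akam.net "
    "Registrar Registration Expiration Date: 2025-08-12T15:56:40Z "
    "Registrar IANA ID: 81 Registrar: GANDI SAS Registrar: Gandi SAS "
    "Registry Expiry Date: 2025-08-12T15:56:40Z "
    "Updated Date: 2024-08-20T11:05:35Z Updated Date: 2024-08-20T11:05:36Z"
)

# Field labels present in this record (assumption: other registrars may use
# more). Longest label first, so "Registrar IANA ID" is never split into a
# bare "Registrar" field with a stray value.
LABELS = [
    "Registrar Registration Expiration Date", "Registrar IANA ID",
    "Registry Expiry Date", "Creation Date", "Updated Date", "Domain Name",
    "Domain Status", "Name Server", "DNSSEC", "Registrar",
]
LABEL_RE = re.compile(
    r"(?:^|\s)("
    + "|".join(re.escape(label) for label in sorted(LABELS, key=len, reverse=True))
    + r"):\s*"
)
WHOIS_TS = "%Y-%m-%dT%H:%M:%SZ"


def parse_whois(raw: str) -> dict:
    """Split a one-line WHOIS dump into {label: [distinct values, in order]}.
    Each value runs from the end of its label to the start of the next label."""
    record: dict = {}
    matches = list(LABEL_RE.finditer(raw))
    for i, m in enumerate(matches):
        end = matches[i + 1].start() if i + 1 < len(matches) else len(raw)
        value = raw[m.end():end].strip()
        values = record.setdefault(m.group(1), [])
        if value not in values:
            values.append(value)
    return record


def name_servers(record: dict) -> list:
    """Name servers case-folded and de-duplicated (the two copies differ only in case)."""
    return sorted({ns.lower() for ns in record.get("Name Server", [])})


def dnssec_signed(record: dict) -> bool:
    """False when any copy of the DNSSEC field says the zone is unsigned."""
    return all(v.lower() != "unsigned" for v in record.get("DNSSEC", ["unsigned"]))


def expiry_minus_last_seen(record: dict, last_seen_iso: str) -> int:
    """Days from the IOC's last observation to the registry expiry date.
    A small or negative number means the registration may have lapsed (and the
    domain may have been re-registered by someone else) since the sighting."""
    expiry = datetime.strptime(record["Registry Expiry Date"][0], WHOIS_TS).date()
    return (expiry - date.fromisoformat(last_seen_iso)).days


def days_since_update(record: dict, as_of_iso: str) -> int:
    """Age of the WHOIS record (first Updated Date copy) on the given day."""
    updated = datetime.strptime(record["Updated Date"][0], WHOIS_TS).date()
    return (date.fromisoformat(as_of_iso) - updated).days


def creation_date_skew_hours(record: dict) -> float:
    """Hours between the two Creation Date copies (registry vs registrar clock)."""
    stamps = [datetime.strptime(v, WHOIS_TS) for v in record["Creation Date"]]
    return abs((max(stamps) - min(stamps)).total_seconds()) / 3600


if __name__ == "__main__":
    rec = parse_whois(RAW_WHOIS)
    print("name servers:", name_servers(rec))
    print("dnssec signed:", dnssec_signed(rec))
    print("expiry - last seen (days):", expiry_minus_last_seen(rec, "2025-08-08"))
    print("record age at last seen (days):", days_since_update(rec, "2025-08-08"))
```

Re-run WHOIS and DNS before adding the domain to a block list (the name servers shown are Akamai akam.net hosts, which by itself says nothing about maliciousness), and keep the sighting window next to the expiry date in your own IOC records so a lapsed registration is visible at triage time.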

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

Confidence: medium
First detected 11 months ago · Last seen 10 months ago
Appeared in 3 threat reports