IOC Radar
Domain · Medium · Signal 88/100

vcopp.com

Location
South Africa
First Seen
Feb 15, 2026 (127d ago)
Last Seen
May 11, 2026 (42d ago)
Reports
11 source reports
Confidence
88% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
88%
Signal Score
88 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

75 techniques

Feed Intelligence Summary

Source reports
11
Confidence score
88%
Category tags

Activity Timeline

1 total obs
May 11

Threat Activity Heatmap

Peak: 2026-05-11
24h
0 (Dormant)
7d
0 (Dormant)
30d
0 (Dormant)
3mo
1 (Minimal)
Threat Score
88 (High Risk)

VirusTotal

Not checked

WHOIS

description
Command and Control domains for Malware. These domains are extracted from a number of sources, and are suspicious.


IOC Journey

medium
First detected 4 months ago · Last seen 1 month ago
Appeared in 11 threat reports