Domain · High · Verified · Signal 47/100
vcrui.cn
Location
First Seen: Apr 10, 2025
Last Seen: Mar 28, 2026
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 47%
Signal Score: 47 / 100
IDS Rule: No
Threat Context
Feed Intelligence Summary
Source reports: 5
Confidence score: 47%
Category tags
account compromise, account takeover attempts, botnet, botnet activity, brute force, command and control, credential harvesting, credential phishing, credential stuffing, credential theft, data exfiltration, data store exposure, distributed attacks, exploitation activity, fake news distribution, identity & access exploitation, indicator, information gathering, injection activity, malicious links, malicious software, malicious urls, malware, network, north america, phishing, phishing attack, phishing campaign, process injection, researched, scams & fraud, social engineering, social media phishing, spam, t1041, t1055, t1071, t1071.001, t1189, t1192, t1486, t1496, t1499.002, t1499.003, t1534, t1565, t1566, t1566.001, t1566.002, t1566.003, t1593, t1598, t1598.003, twitter, united states
Activity Timeline: Mar 28
Threat Activity Heatmap · Peak: 2026-03-28
Activity by window:
- 24h: 0 (Dormant)
- 7d: 0 (Dormant)
- 30d: 0 (Dormant)
- 3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
This Indicator of Compromise (IOC), `vcrui.cn`, represents a significant and active threat to organizational security, evidenced by its elevated risk score and numerous associations with malicious activity. Its primary implication points towards involvement in sophisticated phishing campaigns designed to compromise user credentials, deploy malware, or facilitate initial access for further exploitation. If this domain is accessed within the environment, it could lead to severe consequences such a…
Threat Score: 47 (Medium Risk)
Signal Score: 47
Confidence: 47%
Reports: 5
First seen: Apr 10, 2025
Last seen: Mar 28, 2026
Verified IOC
VirusTotal: Not checked
WHOIS
- domain rank: -1
- raw:
  - DNSSEC: unsigned
  - Domain Name: vcrui.cn
  - Domain Status: ok
  - Expiration Time: 2025-06-18 22:40:11
  - Name Server: martha.ns.cloudflare.com
  - Name Server: maxim.ns.cloudflare.com
  - Registrant Contact Email: [email protected]
  - Registrant: 12ad5870ed2db721
  - Registration Time: 2024-06-18 22:40:11
  - Sponsoring Registrar: 阿里云计算有限公司(万网)
- references:
  - https://x.com/harugasumi/status/1910129989242253391
  - https://x.com/harugasumi/status/1910212296900477200
  - https://x.com/harugasumi/status/1910217420649984415
  - https://x.com/harugasumi/status/1910226389669908747
  - https://x.com/harugasumi/status/1910230242465382626
  - https://x.com/harugasumi/status/1910236375607398655
  - https://x.com/harugasumi/status/1910238047792406630
  - https://x.com/harugasumi/status/1910238942013903347
  - https://x.com/harugasumi/status/1910295253057462482
  - https://x.com/harugasumi/status/1910324031955571103
  - https://x.com/harugasumi/status/1910336602842517983
  - https://x.com/harugasumi/status/1910357811512660167
- subdomains count: 0
IOC Journey
high · First detected 1 year ago · Last seen 2 months ago
Appeared in 5 threat reports