IOC Radar
DomainHighVerifiedSignal 47/100

vzwpix.com

Location
United KingdomUnited Kingdom
First Seen
Apr 7, 2021
Last Seen
Jan 11, 2025
Apr 7
First Seen
1900d ago
Jan 11
Last Seen
525d ago
4
Reports
source reports
47%
Confidence
high
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
47%
Signal Score
47 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

18 techniques

Feed Intelligence Summary

4 reports47% confidence
4
Source reports
47%
Confidence score
Category tags
aaaaaaaa nxdomainabbasaccount securityaccount stealeraddpoaddportmappingagenaahmedalertsalexalisaall scoreblueandisonarisasherasnoneasnone unitedate hashbachbaixuebaranbarrybellabianbinsh binshblackbladebonebredobrian sabeybrickbrute forcecalgarycapecardinalcaseycassidychanchenchengchincitycivil servicescivilian societycnamecococode executioncode injectioncommand executioncoronacountrycreation datecrowcry killdadadanieldata accessdata copyingdata exfiltrationdata transferdaumdaviddavisddos attacksdelfsdennisdevsda1 devsda2dingdockdonalddorndukee procselffd9eddieelectronic health recordsemailsemailverifiedentrieset exploitet trojaneuropeeva120expiration dateexploitexploit nonefaisalfilesfiles deletedfisherfloodgafgytgenericget httpgibbongloriagoligoodwingovernment technologygraphgreengrewalguesth devsda2hackhammerharehashesheader intelhealth care and social assistancehealth information technologyhealthcare information systemsheckhighhillhitmenholehonghopehornhospital managementhosthostname enumerationhttp requestshuanghuawei hg532huawei remotehunterhustlerhwangindicatorinfo compilerinformation gatheringinformation technologyinfrastructure acquisitionreconnaissanceintelinternet of thingsiot botnetiot/ics attackipv4ireland unknownit infrastructurejaberjacksonjainjamesjarvisjasonjeanjody alaskajody huffinesjohnsonjoshijsonkaneriakingkremplambertleonlibmultipathlink librarylittlelogicloudoun countylunalyndamadromalicious softwaremalwaremalware wormmarkmartinmattamatthewmcicsmedical servicesmembermemory patternmendozamesinamillminiigd upnpminimomirai botnetmisamitmmitre attmodimodify systemmodulesmoranmotilms visualmsiemurphymurrayname md5name serversnetworknetwork scanningnextnguyennicholsnidsnorth americaoperating system securityorgdnshandleorgdnsrefottoowumip m0755panditparadisparkpassive dnspassword bypasspatelpatient carepe resourcepe32 executablepedropegasus relatedpepperperezpinoportpostspotential-c2process injectionprocess t1543processes treeproducts idpublic administrationpublic infrastructurepublic policypulse submitqueryr englishranaransomransomwormrasimrcerealtek sdkreconreconnaissanceregistry keysregulatory agenciesreidrepkarequestresearchedromaroyceruntime modulesrushsalmscan endpointssearchserviceshahshangshell commandsshenshowshowingsinghskynetsmbds ipcsmithsmugglers gambitsoa nxdomainsoap commandsoftware developmentsoftware exploitationsohanasoodsp6 buildstackstangstarkstarrstatusstepanstonestopsummarysupportsweetswippswipp9-arinswipperswitch dnssystemd servicet1005t1027t1030t1055t1059t1059.007t1064 executest1071.001t1078t1190t1203t1204.001t1486t1496t1499.002t1565t1587.001t1589.001t1590.001ta0002 commandta0004 createtacktangtexttoaltrinitytruetypeunitedunited kingdomunited statesurlsverizonvictorwagnerwalkerwangwannacrywannacry killweb exploitationwhois lookupswin16 newin32 dynamicwin32 exewindows ntwirelessdatanetworkwolfwongwritexenayangyara detectionsyara ruleyurkiwzhangzhaozhen

Activity Timeline

1 total obs
Jan 11Jan 11

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **vzwpix.com** has been identified as a significant indicator of compromise (IOC) associated with malicious activities originating from the United Kingdom. First observed on April

Threat ScoreMedium Risk
47
SIGNAL
Signal Score
47%
Confidence
4
Reports
First seenApr 7, 2021
Last seenJan 11, 2025
Verified IOC

VirusTotal

Not checked

WHOIS

registrar
CSC Corporate Domains, Inc.
creation date
2003-02-17T17:25:05
expiration date
2027-02-17T17:25:05
updated date
2026-02-13T06:03:52
name servers
NS1.VZWDOMAIN.COM, NS2.VZWDOMAIN.COM
emails
[email protected]
status
clientTransferProhibited https://icann.org/epp#clientTransferProhibited

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 5 years ago · Last seen 1 year ago
Appeared in 4 threat reports