DomainMediumSignal 86/100

`wrned.com`

Location

United States

First Seen

May 11, 2026

Last Seen

May 19, 2026

May 11

First Seen

31d ago

May 19

Last Seen

23d ago

Reports

source reports

86%

Confidence

medium

Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

86%

Signal Score

86 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

23 techniques

Feed Intelligence Summary

18 reports86% confidence

Source reports

86%

Confidence score

Category tags

abuseabusech-threatfox-c2cadministrationalienvault_ransomwarebackdoorbackdoor/ratbad reputationbotnetbotnet activitybotnet_c2brute forcec2command & controlcpanel exploitationcpanel-pythoncredential harvestingcredential stuffingcredential theftdata exfiltrationdata store exposuredata theftdefenseexecutable fileexploitation activityfilemanager ratidentity & access exploitationindicatorinfectorjs codelinuxmalwaremrrot13networknorth americaopencti_label ssh keyspayloadphpphp backdoorransomwareresearchedsoutheast asiassh backdoort1005t1027t1041t1056.003t1059.004t1059.007t1070.006t1071.001t1078t1083t1098t1098.004t1119t1136t1136.003t1140t1190t1219t1505.003t1543.002t1552.001t1552.003t1567.002tokentor nodeunited stateswebshellwordpress targetingyara

Activity Timeline

1 total obs

May 19May 19

Threat Activity Heatmap

· Peak: 2026-05-19

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Intelligence SummaryAI Generated

The domain **wrned.com** has emerged as a significant indicator of compromise (IOC) linked to multiple cyber threats originating from the United States. First observed on May

Threat ScoreHigh Risk

SIGNAL

Signal Score

86%

Confidence

Reports

First seenMay 11, 2026

Last seenMay 19, 2026

VirusTotal

Not checked

WHOIS

registrar: Name.com, Inc.
description: Domain that is used for botnet Command&control (C&C)
domain rank: -1
raw: Admin City: Denver Admin Country: US Admin Organization: Domain Protection Services, Inc. Admin Postal Code: 80201 Admin State/Province: CO Creation Date: 2020-10-23T18:56:28Z DNSSEC: unSigned DNSSEC: unsigned Domain Name: WRNED.COM Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited Name Server: ELLE.NS.CLOUDFLARE.COM Name Server: MIKE.NS.CLOUDFLARE.COM Name Server: elle.ns.cloudflare.com Name Server: mike.ns.cloudflare.com Registrant City: 7545cbbbc34dcb54 Registrant Country: US Registrant Email: 61fe1f919b8fc1e8s@ Registrant Fax: 9abdec4331ca5e22 Registrant Name: 1b8cf3baab8972aa Registrant Organization: cccc85dcc279c581 Registrant Phone: 4399b2e77c01640d Registrant Postal Code: a5466aaa575b5c98 Registrant State/Province: 5909b98f8d0e7f8a Registrant Street: 3356d3f1c1732560 Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +1.7203101849 Registrar Abuse Contact Phone: 7202492374 Registrar IANA ID: 625 Registrar Registration Expiration Date: 2027-10-23T18:56:28Z Registrar URL: http://www.name.com Registrar WHOIS Server: whois.name.com Registrar: Name.com, Inc. Registry Admin ID: Not Available From Registry Registry Domain ID: 2567833554_DOMAIN_COM-VRSN Registry Expiry Date: 2027-10-23T18:56:28Z Registry Registrant ID: Not Available From Registry Registry Tech ID: Not Available From Registry Tech City: Denver Tech Country: US Tech Organization: Domain Protection Services, Inc. Tech Postal Code: 80201 Tech State/Province: CO Updated Date: 2026-01-10T14:12:30Z
references: https://blog.xlab.qianxin.com/mr_rot13-the-elusive-6-year-hacker-group-weaponizing-critical-cpanel-flaws-for-backdoor-deployment_cn/, https://ltna.com.au/cyber
subdomains count: 0

`wrned.com`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy