IOC Radar
DomainHighVerifiedSignal 81/100

www.flygram.org

Location
ChinaChina
First Seen
Sep 23, 2023
Last Seen
Jun 4, 2025
Sep 23
First Seen
994d ago
Jun 4
Last Seen
374d ago
5
Reports
source reports
81%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
81%
Signal Score
81 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

183 techniques

Feed Intelligence Summary

5 reports81% confidence
5
Source reports
81%
Confidence score
Category tags
106_t1056activity: intelligence gatheringaerospace and defenseasiachinacountry: barbadoscountry: cubacountry: czech republiccountry: dominican republiccountry: el salvadorcountry: saudi arabiacountry: south africacountry: sri lankacountry: united kingdomcountry: united statescyber espionage campaigndata exfiltrationindicatorintelligence gatheringmalicious softwaremalwaremalware: custom malwarenetworkprocess injectionresearchedt1001t1001.001t1001.003t1003t1003.001t1003.002t1003.003t1003.004t1005t1007t1008t1010t1011t1012t1014t1016t1017t1018t1020t1021t1021.001t1021.002t1027t1027.009t1027.013t1031t1033t1036t1036.002t1036.004t1036.005t1038t1040t1041t1046t1047t1048t1049t1053t1053.001t1053.002t1053.003t1053.006t1053.007t1055t1055.001t1055.002t1055.003t1055.004t1055.008t1056t1056.001t1056.003t1057t1059t1059.001t1059.003t1059.006t1059.007t1060t1068t1069t1069.002t1070t1071t1071.001t1071.003t1071.004t1074t1074.001t1078t1078.002t1078.004t1081t1082t1083t1085t1087t1087.001t1087.002t1087.003t1088t1090t1094t1095t1102t1102.002t1105t1106t1110.002t1111t1112t1113t1114t1114.001t1114.002t1114.003t1115t1119t1120t1124t1125t1129t1130t1133t1134t1137t1140t1155t1156t1170t1189t1190t1192t1193t1194t1199t1201t1202t1204.t1204.001t1204.002t1210t1213t1213.002t1217t1218t1222t1486t1489t1490t1491t1493t1495t1496t1497t1497.003t1503t1518t1530t1534t1539t1543t1543.003t1547t1547.001t1548.002t1552t1553t1558t1558.001t1560t1560.001t1562.001t1565t1566t1566.001t1566.002t1566.003t1569t1569.002t1571t1574t1574.006t1583.002t1583.003t1587t1587.001t1588t1588.002t1589t1592t1592.004t1595.002t1598t1598.001t1598.002t1598.003t1602t1602.002t1608.001t1608.005t1614t1614.001targeted sector: aerospacetargeted sector: defensetargeted sector: governmenttargeted sector: manufacturingtargeted sector: researchtargeted sector: utilitiesthreat actor: mirage

Activity Timeline

1 total obs
Jun 4Jun 4

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
81
SIGNAL
Signal Score
81%
Confidence
5
Reports
First seenSep 23, 2023
Last seenJun 4, 2025
Verified IOC

VirusTotal

Not checked

WHOIS

registrar
eNom, LLC
raw
Admin City: REDACTED Admin Country: REDACTED Admin Organization: REDACTED Admin Postal Code: REDACTED Admin State/Province: REDACTED Creation Date: 2020-04-26T03:00:20Z DNSSEC: unsigned Domain Name: flygram.org Domain Status: redemptionPeriod https://icann.org/epp#redemptionPeriod Name Server: dns1.name-services.com Name Server: dns2.name-services.com Name Server: dns3.name-services.com Name Server: dns4.name-services.com Name Server: dns5.name-services.com Registrant City: 3495bcf1839c6374 Registrant Country: CN Registrant Email: fb6ff66ef97c0518s@ Registrant Fax Ext: 3495bcf1839c6374 Registrant Fax: 3495bcf1839c6374 Registrant Name: 3495bcf1839c6374 Registrant Organization: c874927586d3d109 Registrant Phone Ext: 3495bcf1839c6374 Registrant Phone: 3495bcf1839c6374 Registrant Postal Code: 3495bcf1839c6374 Registrant State/Province: 54d0a591138021b8 Registrant Street: 3495bcf1839c6374 Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +1.4165350123 Registrar IANA ID: 48 Registrar URL: http://www.enom.com Registrar WHOIS Server: http://whois.enom.com Registrar: eNom, LLC Registry Admin ID: REDACTED Registry Domain ID: cd0956fbfb8849b4a6f8b7acce40a69d-LROR Registry Expiry Date: 2025-04-26T03:00:20Z Registry Registrant ID: REDACTED Registry Tech ID: REDACTED Tech City: REDACTED Tech Country: REDACTED Tech Organization: REDACTED Tech Postal Code: REDACTED Tech State/Province: REDACTED Updated Date: 2025-06-07T12:27:16Z

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 2 years ago · Last seen 1 year ago
Appeared in 5 threat reports