DomainHighVerifiedSignal 78/100

`www.galapagosdesign.com`

Location

Anguilla

First Seen

Sep 16, 2024

Last Seen

May 14, 2026

Sep 16

First Seen

637d ago

May 14

Last Seen

31d ago

Reports

source reports

78%

Confidence

high

Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

78%

Signal Score

78 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

47 techniques

Feed Intelligence Summary

5 reports78% confidence

Source reports

78%

Confidence score

Category tags

abuseacceptaccessactiveactive scanagentaigalienvault_ransomwareall domainall ipv4america flaganguillaas2497 internetas9714 vocusascii textasiaaslraspackattack networkaustraliaaustralia asnbad reputationbazaarbodybotnetbotnet activityc0 a0c4 d8cachecalls clearchristopher ahmannck idclickcodecommandcommand and controlcommand linecommerce industrycontent typecookiecopycre pulcrlf linedarkcometdatadata exfiltrationdata store exposuredata uploaddbatloaderdefense evasiondeletedelphidenverdenver courtsdes moinesdistributed attacksdns attackdomaindomains topdougcodr wifidrops pedynamicloaderee fcemailsenricenterenter scerrorerror resumeexclude suggesexecutable fileexploitexploitation activityextraextra dataextra infoextraction datafailedff d5filefilesfiles ipfindfind sformatfoundrypalantirfraudfull pathgeneratorguardguest systemhackinghighhtmlhybridid logininclude reviewincluded iocsindicatorindustry commerceinfinitylockinfo fileinfo processesinitial accessinjection activityinjusticeinteliocsiot securityipv4japan asnjapan unknownjavadropperjeffrey reimerkevinkillmbrlearnlegallevelloaderlocallokibotlookloopmalicious softwaremalwaremediamediummetamitm_attacksmitre attmitre attackmonoms windowsmsiemusicmwdbnamename serversname tacticsnetworknetwork infonextnext dimnext urnjratnorth americantgraph xeoceaniaoverview zenboxpageparent pidpassive dnspathpattern matchpayloadpe filepegasuspetyaphilippinesphishingpoleasspornhubportpostpowershellprocess injectionprocesses extraprogramquasiransomwarereadredlinereferenrefreshregistrant namereimer gropesrelated pulsesremcosresearchedrestartrevengeratreview iocssabeysc datascams & fraudscriptscript scriptsearchserviceset cookieshellshhhshibuyasigmaspanspawnsssdeepstatestate coloradostringssurface webt1010t1012t1018t1027t1036t1045t1047t1053t1055t1056t1057t1059t1059.001t1060t1064t1069t1069.002t1070t1071t1071.001t1071.004t1082t1083t1091t1095t1105t1112t1120t1219t1480t1486t1490t1496t1497t1499.002t1499.003t1518t1529t1542t1547t1553t1553.002t1560t1562t1565t1573t1574telecommunicationsthreat actortitletoolstop destinationtop sourcetor nodetrackertrojantrojanransomtsara brashearstt trtulachtypetype olultimate fileultradns clientunitedunited statesupatreurlsvaluevbcrlfvbs scriptverdictverifywifiwifi datawifi idwindows ntwindows sandboxworkers compensationworld mediawritewrite cxportyarayara detectionsyara rulezenbox verdict

Activity Timeline

1 total obs

May 14May 14

Threat Activity Heatmap

· Peak: 2026-05-14

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Threat ScoreHigh Risk

SIGNAL

Signal Score

78%

Confidence

Reports

First seenSep 16, 2024

Last seenMay 14, 2026

Verified IOC

VirusTotal

Not checked

WHOIS

registrar: Network Solutions, LLC
description: <<Anomalous binary characteristics have been identified in a file that is being used to compile a Windows operating system for the first time in the history of the software, as well as an unauthorised virus>> Darkgate. Links wouldnt attach. User does not have whatsapp.
raw: Creation Date: 1997-06-10T04:00:00Z DNSSEC: unsigned Domain Name: GALAPAGOSDESIGN.COM Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: DNS1.EARTHLINK.NET Name Server: DNS2.EARTHLINK.NET Name Server: DNS3.EARTHLINK.NET Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +1.8777228662 Registrar IANA ID: 2 Registrar URL: http://networksolutions.com Registrar WHOIS Server: whois.networksolutions.com Registrar: Network Solutions, LLC Registry Domain ID: 1472494_DOMAIN_COM-VRSN Registry Expiry Date: 2031-06-09T04:00:00Z Updated Date: 2026-04-12T06:24:08Z

`www.galapagosdesign.com`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy