IOC Radar
Domain · Medium · Signal 62/100

ykgmqooyusggyyya.xyz

Location
Brazil
First Seen
Nov 13, 2025
Last Seen
Jun 6, 2026
8
Reports
source reports
62%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
62%
Signal Score
62 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

26 techniques

Feed Intelligence Summary

8 reports · 62% confidence
Category tags
account discovery, account profiling, account takeover, apt activity, brand impersonation, brazil, brute force, business email compromise, cisa kev, command execution, credential access, credential harvesting, credential stealing, credential stuffing, credential theft, credential theft attempt, data exfiltration, data store exposure, deceptive content, defense evasion, dga, dragonforce, email-based attack, enterprise data theft, executable file, exploit available, exploit avaliable, exploitation activity, fraud, identity & access exploitation, in the wild, indicator, indicators of compromise, infostealer, injection activity, lnk, malicious attachment, malicious domain, malicious email, malicious link, malicious links, malicious powershell activity, malicious software, malware, malware delivery, malware distribution, mastastealer, mobile banking trojan, mobile threat, network, ngate android malware, operating system, phatom raven, phishing, phishing attack, phishing campaign, phishing url, process injection, ransomware, researched, scam, scams & fraud, scripting attacks, security operations, sneaky malware, social engineering, social engineering attack, sorvepotel malware, south america, spearphishing, t1021.001, t1055, t1059, t1059.001, t1069.001, t1071, t1071.001, t1078, t1083, t1086, t1105, t1192, t1204, t1204.001, t1204.002, t1486, t1555, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1567, t1598, t1598.003, threat actor, threat indicators, threat intelligence, tor node, web security, xloader

Activity Timeline

1 total obs
Jun 6

Threat Activity Heatmap

Peak: 2026-06-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain ykgmqooyusggyyya.xyz, originating from Brazil, has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats. First observed on November


VirusTotal

Not checked


IOC Journey

medium
First detected 7 months ago · Last seen 8 days ago
Appeared in 8 threat reports