DomainMediumSignal 50/100

`yob.yrwebsdf.shop`

First Seen

Feb 21, 2025

Last Seen

Jun 6, 2026

Feb 21

First Seen

478d ago

Jun 6

Last Seen

8d ago

Reports

source reports

50%

Confidence

medium

13/91

VirusTotal

detections

Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

50%

Signal Score

50 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

48 techniques

Feed Intelligence Summary

8 reports50% confidence

Source reports

50%

Confidence score

Category tags

aerospace & defenseaes encryptionamadeyatomicbinance smartbinance smart chainbitcoinblockchainbnb smartbnb smart chainbotnetbotnet activitybrute forcec2 checkinchainclickfix lurecloud infrastructurecloudflare pagescode executioncode injectioncoinbasecommand & controlcommand and controlcommand executioncommodity contracts intermediationconductcredential harvestingcredential stuffingcredential theftcrypto exchangecrypto miningcrypto walletcryptocurrencycryptocurrency threatscryptojackingdata exfiltrationdata store exposuredecentralized financedefensedefense contractingdefense logisticsdefense systemsdefense technologydigital currencydistributed attacksdrive-by compromiseencryptionexecutable fileexploitation activityfinancegtighostinghtmlhttpsidentity & access exploitationindicatorinfostealerinfostealersingress tool transferinjection activityiocsiocs sha256iot securityjavascript code injectionlambdalevelloaderlumma stealerlummac.v2lummac2mainmain operatormalicious downloadmalicious linksmalicious powershell activitymalicious softwaremalwaremalware deliverymalware distributionmalware familymetamaskmilitary operationsnation-state activitynational securitynetworkoperating systemphishingphishing attackprocess injectionpythonransomwarerecaptcharesearchedresource hijackingrestartscams & fraudscripting attackssiemsmart contractsmart contractssocial engineeringstealcstealerstrategiessupply chain attackt1021.001t1027t1036t1053t1055t1059t1059.001t1059.005t1059.007t1069.001t1071t1071.001t1078t1086t1102.002t1104t1105t1140t1189t1190t1199t1204t1204.001t1204.002t1218t1486t1496t1499.002t1499.003t1539t1546t1547t1547.001t1555t1555.003t1560t1565t1566t1566.001t1566.002t1566.003t1573.001t1583.001t1588.002t1588.006t1598t1608t1608.001threat actorthreat defensetor nodeunc5142unc5142 c2unc5142 payloadupdate siemurlsvidarvidar c2web exploitationweb injectionweb security

Activity Timeline

1 total obs

Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Intelligence SummaryAI Generated

The domain **yob.yrwebsdf.shop** has emerged as a significant indicator of compromise (IOC) associated with multiple cyber threats, including botnets, malware, phishing, and ransomware. First observed on February

Threat ScoreMedium Risk

SIGNAL

Signal Score

50%

Confidence

Reports

First seenFeb 21, 2025

Last seenJun 6, 2026

VirusTotal

13/ 91vendors flagged

14% detection rateJun 7, 2026

WHOIS

raw: Create date: 2025-02-19 00:00:00 Domain name: yrwebsdf.shop Domain registrar id: 460 Domain registrar url: iwhois.webnic.cc Expiry date: 2026-02-19 00:00:00 Name server 1: TARA.NS.CLOUDFLARE.COM Name server 2: ARAGORN.NS.CLOUDFLARE.COM Query time: 2025-02-21 03:29:18 Registrant country: Malaysia Registrant state: f4e528a4fdf624a9 Update date: 2025-02-19 00:00:00

`yob.yrwebsdf.shop`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy