IOC Radar

Domain · Medium signal · 65/100

zgkcar.com

Location
Hong Kong
First Seen
Sep 15, 2020
Last Seen
Jul 7, 2025
Reports
4 source reports
Confidence
65% (medium)

Found in 4 reports. Confidence: medium. Confidence scores are heuristic; verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
65%
Signal Score
65 / 100
IDS Rule
No
Threat Context

Tags
MITRE ATT&CK

MITRE ATT&CK TTPs
31 techniques (the T-numbered entries among the category tags)
Feed Intelligence Summary

Source reports
4
Confidence score
65%

Category tags
.net, .net malware, antivirus evasion, apt, apt-q-27, asia, auto-generated security, botnet, c++, c++ malware, command and control, command execution, config.ini, cryptocurrency mining, data exfiltration, ddos, ddos attack, delphi, delphi malware, dga, distributed attacks, framework ngen, go, go malware, golden eye dog, group, hong kong, indicator, ingress tool transfer, kuailian vpn, malicious payload delivery, malicious powershell activity, malicious software, malware, malware obfuscation, miuuti, network, ollvm, persistence mechanism, process injection, puddle, regsvr32, remote access trojan, remote control, researched, scripting attacks, shellcode, shellcode execution, silver fox, silver fox trojan, southeast asia, t1027, t1027.004, t1053, t1053.005, t1055, t1055.001, t1056.001, t1059, t1059.001, t1059.003, t1071, t1071.001, t1072, t1078, t1082, t1086, t1105, t1189, t1195, t1204, t1204.002, t1486, t1490, t1496, t1499.002, t1499.003, t1505, t1547, t1565, t1566, t1566.001, targeted malware campaign, todesk, todesk impersonation, todesk malware, trojan builtin, trojan malware, vfpower, vfpower dll, watering hole, watering hole attack, winos4.0, winos4.0 trojan
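As an added example (not the feed's or the page's own code), the Python below turns the record fields above into a STIX 2.1 bundle: an Indicator with a domain-name pattern and the feed's 65 confidence, a Sighting carrying the first/last seen dates and the report count, and one Attack Pattern plus an "indicates" relationship for each T-numbered tag pulled out of the tag cloud by regex. The tag string is a subset of the page's tags that keeps all 31 technique tags; object IDs and created/modified timestamps are generated here and are not from the page.

```python
import re
import uuid
from datetime import datetime, timezone

# Fields copied from this IOC record (the 65/100 score is the feed's own heuristic).
IOC_DOMAIN = "zgkcar.com"
FIRST_SEEN = "2020-09-15"
LAST_SEEN = "2025-07-07"
CONFIDENCE = 65
REPORT_COUNT = 4

# Subset of the page's category tags: a few free-text tags plus all 31 T-numbered tags.
RAW_TAGS = (
    ".net, .net malware, apt-q-27, command and control, silver fox, "
    "t1027, t1027.004, t1053, t1053.005, t1055, t1055.001, t1056.001, t1059, "
    "t1059.001, t1059.003, t1071, t1071.001, t1072, t1078, t1082, t1086, t1105, "
    "t1189, t1195, t1204, t1204.002, t1486, t1490, t1496, t1499.002, t1499.003, "
    "t1505, t1547, t1565, t1566, t1566.001, watering hole attack, winos4.0 trojan"
)

# Technique IDs look like t1027 or t1027.004; "winos4.0" has no T prefix and is skipped.
TECHNIQUE_RE = re.compile(r"\bt(\d{4}(?:\.\d{3})?)\b", re.IGNORECASE)


def extract_techniques(tags: str) -> list[str]:
    """Return deduplicated, sorted ATT&CK technique IDs found in a tag string."""
    return sorted({"T" + m.group(1) for m in TECHNIQUE_RE.finditer(tags)})


def _stix_ts(day: str) -> str:
    """Render a YYYY-MM-DD date as a STIX timestamp (UTC, millisecond precision)."""
    dt = datetime.strptime(day, "%Y-%m-%d").replace(tzinfo=timezone.utc)
    return dt.strftime("%Y-%m-%dT%H:%M:%S.000Z")


def _new_id(kind: str) -> str:
    return f"{kind}--{uuid.uuid4()}"


def build_bundle(domain, first_seen, last_seen, confidence, reports, tags) -> dict:
    """Build a STIX 2.1 bundle: Indicator + Sighting + one Attack Pattern per technique."""
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.000Z")
    common = {"spec_version": "2.1", "created": now, "modified": now}
    indicator = {
        "type": "indicator",
        "id": _new_id("indicator"),
        "name": f"Malicious domain {domain}",
        "indicator_types": ["malicious-activity"],
        "pattern": f"[domain-name:value = '{domain}']",
        "pattern_type": "stix",
        "valid_from": _stix_ts(first_seen),
        "confidence": confidence,  # STIX 2.1 confidence is a 0-100 integer
        **common,
    }
    # The Sighting carries the feed's first/last seen window and its report count.
    sighting = {
        "type": "sighting",
        "id": _new_id("sighting"),
        "sighting_of_ref": indicator["id"],
        "first_seen": _stix_ts(first_seen),
        "last_seen": _stix_ts(last_seen),
        "count": reports,
        **common,
    }
    objects = [indicator, sighting]
    for tid in extract_techniques(tags):
        # The page gives only IDs, so the Attack Pattern name is the ID itself.
        ap = {
            "type": "attack-pattern",
            "id": _new_id("attack-pattern"),
            "name": tid,
            "external_references": [{"source_name": "mitre-attack", "external_id": tid}],
            **common,
        }
        rel = {
            "type": "relationship",
            "id": _new_id("relationship"),
            "relationship_type": "indicates",
            "source_ref": indicator["id"],
            "target_ref": ap["id"],
            **common,
        }
        objects += [ap, rel]
    return {"type": "bundle", "id": _new_id("bundle"), "objects": objects}


if __name__ == "__main__":
    import json
    bundle = build_bundle(IOC_DOMAIN, FIRST_SEEN, LAST_SEEN, CONFIDENCE, REPORT_COUNT, RAW_TAGS)
    print(json.dumps(bundle, indent=2))
```

The bundle deliberately carries the heuristic score in the Indicator's `confidence` property rather than baking it into the pattern, so a consuming platform can apply its own threshold (the page itself says to verify before acting) without editing the pattern.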

Activity Timeline

1 total observation (Jul 7)

Threat Activity Heatmap

Peak: 2025-07-07 (the only observation in the twelve-month grid)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
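The recency panel above is simple to reproduce against your own resolver logs, and doing so is the practical check the page asks for before acting on a medium-confidence indicator. The Python below is an added example, not code from the page or the feed: it matches DNS query names against the domain and its subdomains (trailing dot and case insensitive, and without the substring mistake that would also hit notzgkcar.com), then counts hits in the same 24h/7d/30d/3mo windows and labels empty windows Dormant. The log lines are constructed for the example; the "now" timestamps are chosen by the example.

```python
from datetime import datetime, timedelta, timezone

IOC_DOMAIN = "zgkcar.com"

# Constructed sample resolver log, not from the page: "<ISO-8601 UTC> <client> <qname>".
SAMPLE_LOG = """\
2025-07-07T09:14:02Z 10.0.4.21 cdn.zgkcar.com
2025-07-07T09:14:05Z 10.0.4.21 zgkcar.com.
2025-07-06T22:01:11Z 10.0.9.8 notzgkcar.com
2025-06-30T11:00:00Z 10.0.4.22 ZGKCAR.COM
2025-03-01T08:00:00Z 10.0.1.1 update.zgkcar.com
"""

# Look-back windows as shown on the page; "3mo" is taken as 90 days here (an assumption).
WINDOWS = {
    "24h": timedelta(hours=24),
    "7d": timedelta(days=7),
    "30d": timedelta(days=30),
    "3mo": timedelta(days=90),
}


def _parse_ts(iso: str) -> datetime:
    """Parse an ISO-8601 UTC timestamp; 'Z' is rewritten for older Pythons."""
    return datetime.fromisoformat(iso.replace("Z", "+00:00"))


def matches_domain(qname: str, ioc: str) -> bool:
    """True for the domain itself or any subdomain of it.

    Comparison ignores case and a trailing root dot. A plain substring test
    would also match notzgkcar.com, which is an unrelated registration.
    """
    q = qname.rstrip(".").lower()
    i = ioc.rstrip(".").lower()
    return q == i or q.endswith("." + i)


def observations(log: str, ioc: str) -> list[tuple[datetime, str, str]]:
    """Return (timestamp, client, qname) for every log line that hits the IOC."""
    hits = []
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, client, qname = line.split()
        if matches_domain(qname, ioc):
            hits.append((_parse_ts(ts), client, qname))
    return hits


def recency(hits, now_iso: str) -> dict[str, int]:
    """Count hits inside each look-back window ending at now_iso."""
    now = _parse_ts(now_iso)
    return {
        name: sum(1 for ts, _, _ in hits if timedelta(0) <= now - ts <= span)
        for name, span in WINDOWS.items()
    }


def status(counts: dict[str, int]) -> dict[str, str]:
    """Label each window the way the page does: Dormant when nothing was seen."""
    return {name: ("Dormant" if n == 0 else f"Active ({n})") for name, n in counts.items()}


if __name__ == "__main__":
    hits = observations(SAMPLE_LOG, IOC_DOMAIN)
    print(status(recency(hits, "2025-07-08T00:00:00Z")))
    print(status(recency(hits, "2026-06-25T00:00:00Z")))  # all windows Dormant
```

Evaluated the day after the page's peak, the sample shows two hits in the last 24 hours; evaluated roughly a year later, every window is Dormant, which is the state the page records and the reason "last seen" alone should not drive a block decision.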

VirusTotal

Not checked

WHOIS

description
The Golden Eye Dog gang, also known as APT-Q-27, is a cybercriminal group that targets people involved in gambling and dog promotion, primarily in Southeast Asia, as well as overseas Chinese communities. It distributes malware disguised as legitimate software such as Todesk and Kuailian VPN through watering hole attacks, hosting trojanized installation packages on search-engine-optimized websites so that victims searching for the genuine software download the malicious build instead.
domain rank
-1 (no rank available)
raw
Administrative city: Shibuya-ku
Administrative country: Japan
Administrative email: [email protected]
Administrative state: Tokyo
Create date: 2023-12-25 00:00:00
Domain name: zgkcar.com
Domain registrar id: 49
Domain registrar url: http://www.onamae.com
Expiry date: 2024-12-25 00:00:00
Query time: 2023-12-26 10:40:49
Registrant city: e47fc8ff184926e5
Registrant company: 5dfae26313ad55b7
Registrant country: Japan
Registrant email: [email protected]
Registrant name: 5dfae26313ad55b7
Registrant phone: a9cbdae875f1367f
Registrant state: 163cbf82a12ec850
Registrant zip: 849ab04f1899cf7c
Technical city: Shibuya-ku
Technical country: Japan
Technical email: [email protected]
Technical state: Tokyo
Update date: 2023-12-26 00:00:00

Notes on this record: the registrant city, company, name, phone, state and zip fields are 16-character hex tokens (redacted or hashed by the source), so they cannot be used to pivot to other registrations. The create date (2023-12-25) is more than three years after this indicator's First Seen date (2020-09-15), which points to the domain having lapsed and been re-registered; the expiry date (2024-12-25) is before the Last Seen date (2025-07-07) and the record was queried on 2023-12-26, so this WHOIS snapshot is stale and should be re-queried before drawing conclusions about current ownership.
references
https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247515029&idx=1&sn=41ca43a966c86bed0a8229ada062a316&poc_token=HB0jSWijqB_Pg2UnJJWPRUHD_xi9Fdi-zc3ys5kJ
https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA%3D%3D&mid=2247515029&idx=1&sn=41ca43a966c86bed0a8229ada062a316
subdomains count
2
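The WHOIS data on this page arrives as one run-together line, and the useful conclusions (redacted registrant fields, a create date later than the first sighting, an expiry earlier than the last sighting) come from comparing it with the record's own sighting dates. The Python below is an added example, not the feed's or the page's code: it parses the raw string into fields, flags the 16-hex redaction tokens, and checks the dates against First Seen and Last Seen. The label-detection regex assumes field labels are capitalised words followed by a colon, which holds for this record.

```python
import re
from datetime import date, datetime

# Raw WHOIS string exactly as this page shows it (fields run together on one line).
RAW_WHOIS = (
    "Administrative city: Shibuya-ku Administrative country: Japan "
    "Administrative email: [email protected] Administrative state: Tokyo "
    "Create date: 2023-12-25 00:00:00 Domain name: zgkcar.com Domain registrar id: 49 "
    "Domain registrar url: http://www.onamae.com Expiry date: 2024-12-25 00:00:00 "
    "Query time: 2023-12-26 10:40:49 Registrant city: e47fc8ff184926e5 "
    "Registrant company: 5dfae26313ad55b7 Registrant country: Japan "
    "Registrant email: [email protected] Registrant name: 5dfae26313ad55b7 "
    "Registrant phone: a9cbdae875f1367f Registrant state: 163cbf82a12ec850 "
    "Registrant zip: 849ab04f1899cf7c Technical city: Shibuya-ku "
    "Technical country: Japan Technical email: [email protected] "
    "Technical state: Tokyo Update date: 2023-12-26 00:00:00"
)

# Sighting window from the top of this record.
FIRST_SEEN = "2020-09-15"
LAST_SEEN = "2025-07-07"

# A label is a capitalised word, optionally followed by lowercase words, then a colon.
# No value in this record starts with such a token, so the split is unambiguous.
LABEL_RE = re.compile(r"\s*([A-Z][a-z]+(?: [a-z]+)*):\s*")
# The source replaces sensitive registrant fields with 16-hex-character tokens.
REDACTED_RE = re.compile(r"^[0-9a-f]{16}$")


def parse_whois(raw: str) -> dict[str, str]:
    """Split the flattened record into {label: value}."""
    parts = LABEL_RE.split(raw)  # ['', label, value, label, value, ...]
    return {parts[i]: parts[i + 1].strip() for i in range(1, len(parts) - 1, 2)}


def redacted_fields(rec: dict[str, str]) -> list[str]:
    """Labels whose value is a redaction token rather than real registrant data."""
    return sorted(k for k, v in rec.items() if REDACTED_RE.match(v))


def _day(s: str) -> date:
    return datetime.strptime(s[:10], "%Y-%m-%d").date()


def sanity_check(rec: dict[str, str], first_seen: str, last_seen: str) -> list[str]:
    """Compare WHOIS dates with the indicator's sighting window and report findings."""
    findings = []
    created = _day(rec["Create date"])
    expires = _day(rec["Expiry date"])
    queried = _day(rec["Query time"])
    fs, ls = _day(first_seen), _day(last_seen)
    if created > fs:
        findings.append(
            f"create date {created} is after first sighting {fs}: "
            "likely drop and re-registration, check registration history"
        )
    if expires < ls:
        findings.append(
            f"expiry {expires} is before last sighting {ls}: "
            f"WHOIS snapshot (queried {queried}) is stale, re-query"
        )
    hidden = redacted_fields(rec)
    if hidden:
        findings.append(
            f"{len(hidden)} registrant fields are redaction tokens, "
            f"not usable for pivoting: {', '.join(hidden)}"
        )
    return findings


if __name__ == "__main__":
    record = parse_whois(RAW_WHOIS)
    for finding in sanity_check(record, FIRST_SEEN, LAST_SEEN):
        print("-", finding)
```

The registrar fields that survive redaction (registrar id 49, onamae.com, Shibuya-ku administrative and technical contacts) are registrar defaults rather than registrant attribution, which is why the check treats only the date mismatches and the redaction tokens as findings.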

