ID RST:C1C3BF6C-2AA3-3433-9C31-BBBF3C9CAA17 Type rst Reporter RST Threat Feed Modified 2020-01-02T00:00:00
Description
Found malyshevgi[.]temp.swtest.ru in RST Threat Feed with score 20.
First seen: 2020-01-02T03:00:00, Last seen: 2021-01-14T03:00:00.
IOC tags: malware. and CNAME records: sinkhole.paloaltonetworks.com.
Whois:
Created: 2013-12-13 11:31:08,
Registrar: RUCENTERRU,
Registrant: SpaceWeb LLC.
IOC could be a False Positive (Domain not resolved, but Whois records found).
https://rstcloud.net/
{"id": "RST:C1C3BF6C-2AA3-3433-9C31-BBBF3C9CAA17", "bulletinFamily": "ioc", "title": "RST Threat feed. IOC: malyshevgi.temp.swtest.ru", "description": "Found **malyshevgi[.]temp.swtest.ru** in [RST Threat Feed](https://rstcloud.net/profeed) with score **20**.\n First seen: 2020-01-02T03:00:00, Last seen: 2021-01-14T03:00:00.\n IOC tags: **malware**. and CNAME records: sinkhole.paloaltonetworks.com.\nWhois:\n Created: 2013-12-13 11:31:08, \n Registrar: RUCENTERRU, \n Registrant: SpaceWeb LLC.\nIOC could be a **False Positive** (Domain not resolved, but Whois records found).\n[https://rstcloud.net/](https://rstcloud.net/)", "published": "2021-01-15T00:00:00", "modified": "2020-01-02T00:00:00", "cvss": {}, "href": "", "reporter": "RST Threat Feed", "references": [], "cvelist": [], "type": "rst", "lastseen": "2021-01-14T00:00:00", "edition": 1, "viewCount": 0, "enchantments": {"vulnersScore": "PENDING"}, "iocType": "domain", "ip": [], "domain": ["malyshevgi.temp.swtest.ru"], "url": [], "iocScore": {"ioc_frequency": 0.06, "ioc_src": 60.2, "ioc_tags": 0.89, "ioc_total": 20.0}, "tags": ["malware"], "fp": {"alarm": "possible", "descr": "Domain not resolved, but Whois records found"}, "whois": {}, "geodata": {}, "asn": {}, "threat": []}
