This panel is only visible for Phishing, C&C, Malware, Spam and Mining incidents.
The Blacklist Timeline section shows the period during which Maltiverse and other sources marked the IoC as suspicious and/or malicious, which types of threats it was associated with, and the date when Maltiverse stopped considering it malicious.
The Whois Information section shows all available identifying information about the IoC. It shows origin and geographic information for IPs, and hosting and registration information for domains.
The Threat Triggers area lists the IoCs pertaining to this particular incident. These can be gathered by Maltiverse or third-party sources. You can also download them as a .csv file for your convenience.
Under Related Files, you can see the checksums of files involved in the incident. You can also download them as a .csv file for your convenience.
This section lists all domains that have resolved to this IP to date. It is only applicable to IP-type IoCs.
List of IPs the domain has resolved to up to the present. This section is exclusive to domain-type IoCs.
List of URLs that have been linked to this IP, alongside the reason why each was blacklisted and its status. This section is exclusive to IP-type IoCs.
List of URLs that have linked to this domain up to the present, along with the reason why they have been blacklisted. This section is exclusive to domain-type IoCs.
Classification of all the IP addresses in the same IP group based on Maltiverse’s and other aggregators’ criteria. They are categorized as neutral, whitelist, suspicious and/or malicious. This section is exclusive to IP-type IoCs.
List of malware associated with the IP or domain. You will find the associated filename and the reason why it was blacklisted. This section exists for both IP and domain-type IoCs; however, it shows the relevant information differently for each.
Under this section, you can find related articles (both internal and external) and resources that may be useful to create an effective response strategy for this incident.