{
  "type": "Domain",
  "indicator": "ence.com",
  "general": {
    "sections": [
      "general",
      "geo",
      "url_list",
      "passive_dns",
      "malware",
      "whois",
      "http_scans"
    ],
    "whois": "http://whois.domaintools.com/ence.com",
    "alexa": "http://www.alexa.com/siteinfo/ence.com",
    "indicator": "ence.com",
    "type": "domain",
    "type_title": "Domain",
    "validation": [],
    "base_indicator": {
      "id": 2890228003,
      "indicator": "ence.com",
      "type": "domain",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 1,
      "pulses": [
        {
          "id": "68d752a02fe9fb45e82adcee",
          "name": "TI Advisory No-ESAF-SOC-TI-320",
          "description": "\"The ransomware compromises confidentiality by encrypting sensitive files, while integrity is\nundermined by data tampering through forced extensions and ransom note injection.\nAvailability is critically affected when files are locked and, if ransom remains unpaid, the Master\nBoot Record is overwritten, rendering the system inoperable. Authentication mechanisms are\nbypassed via persistence and unauthorized scheduled tasks, ensuring continuous attacker\ncontrol.\"",
          "modified": "2025-09-27T02:57:36.979000",
          "created": "2025-09-27T02:57:36.979000",
          "tags": [],
          "references": [
            "Cyber Threat Advisory - New Ransomware Profile LokiLocker Ransomware.pdf"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 1,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "Abinsiby12345",
            "id": "358730",
            "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "FileHash-MD5": 45,
            "FileHash-SHA1": 42,
            "FileHash-SHA256": 39,
            "domain": 6,
            "email": 52
          },
          "indicator_count": 184,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 21,
          "modified_text": "248 days ago ",
          "is_modified": false,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "domain",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "Cyber Threat Advisory - New Ransomware Profile LokiLocker Ransomware.pdf"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": []
        },
        "other": {
          "adversary": [],
          "malware_families": [],
          "industries": []
        }
      }
    },
    "false_positive": []
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 1,
  "pulses": [
    {
      "id": "68d752a02fe9fb45e82adcee",
      "name": "TI Advisory No-ESAF-SOC-TI-320",
      "description": "\"The ransomware compromises confidentiality by encrypting sensitive files, while integrity is\nundermined by data tampering through forced extensions and ransom note injection.\nAvailability is critically affected when files are locked and, if ransom remains unpaid, the Master\nBoot Record is overwritten, rendering the system inoperable. Authentication mechanisms are\nbypassed via persistence and unauthorized scheduled tasks, ensuring continuous attacker\ncontrol.\"",
      "modified": "2025-09-27T02:57:36.979000",
      "created": "2025-09-27T02:57:36.979000",
      "tags": [],
      "references": [
        "Cyber Threat Advisory - New Ransomware Profile LokiLocker Ransomware.pdf"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 1,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "Abinsiby12345",
        "id": "358730",
        "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "FileHash-MD5": 45,
        "FileHash-SHA1": 42,
        "FileHash-SHA256": 39,
        "domain": 6,
        "email": 52
      },
      "indicator_count": 184,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 21,
      "modified_text": "248 days ago ",
      "is_modified": false,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "domain",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "ence.com",
    "type": "Domain"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "ence.com",
    "found": false,
    "verdict": "clean",
    "urls": [],
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780441395.426393
}