# kra-24-cc.cc — SUSPICIOUS

> kra-24-cc.cc is a crypto drainer scam site flagged by 1/95 VirusTotal vendors. SSL via Let's Encrypt hides malicious redirects. Avoid transfers.

## Summary
kra-24-cc.cc is identified as an active crypto drainer scam site. The domain is currently classified with an elevated risk level and remains in active operation.

This domain was flagged by 1 of 95 VirusTotal security vendors, indicating limited but confirmed malicious intent. It resolves to IP 185.226.92.168 and utilizes a Let’s Encrypt SSL certificate. The domain was registered on July 15, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED, and appears on 1 security blocklist. Trust scores reflect poor reputation based on early detection metrics.

PhishDestroy and one additional blocklist provider currently flag kra-24-cc.cc as unsafe. Users should avoid interacting with this domain, especially for cryptocurrency transactions. If you suspect exposure, review wallet activity immediately, revoke unauthorized permissions, and report the domain to your threat intelligence platform.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-07-15 09:48:26
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 185.226.92.168

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5b5e6ccd-678b-43c7-87b8-7cce5741e59e
- PhishDestroy: https://phishdestroy.io/domain/kra-24-cc.cc/
- LLM endpoint: https://phishdestroy.io/domain/kra-24-cc.cc/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra-24-cc.cc/
Last updated: 2026-03-26