An analysis of DNS and WHOIS data tied to the PeckBirdy C&C framework uncovers expanded infrastructure, linking known IoCs to malicious domains, IPs, and email-connected assets across years of activity.