Further analysis of the infrastructure related to tetragulf@yahoo[.]com
revealed that in 2019 only four domains were registered to this email address, two of which were registered in late February and were involved in one campaign distributing malicious documents.
List of registered domains (those confirmed as malicious are underlined):
The first files associated with these domains were first uploaded to public sandboxes on June 18, 2019.