IOC Radar
DomainMediumSignal 41/100

027sn.com

Location
South AfricaSouth Africa
First Seen
Jun 5, 2020
Last Seen
Jun 7, 2026
Jun 5
First Seen
2198d ago
Jun 7
Last Seen
5d ago
7
Reports
source reports
41%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
41%
Signal Score
41 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

27 techniques

Feed Intelligence Summary

7 reports41% confidence
7
Source reports
41%
Confidence score
Category tags
account discoveryaccount profilingaccount takeoveractive scanafricaattachment based phishingattachment phishingbecbec attackbrand impersonationbrand_impersonationbrowsebrute forcebusiness email compromisecode issuescommunication protocolcredential accesscredential harvestingcredential phishingcredential stuffingcredential theftcredential_harvestingcredential_theftdata exfiltrationdata store exposuredigital signatureemail-borne threatexploitation activityfinancefooterfraudgithubhttp scannerhttpsidentity & access exploitationindicatorindicators of compromiseinfrastructure acquisitionreconnaissanceinitial accessinjection activityintrusion detectionioclink injectionlink manipulationlink obfuscationmalicious attachmentmalicious domainmalicious linkmalicious linksmalwaremalware deliverymalware distributionmalware signingmalware_vectornetworknetwork securityphishingphishing attackphishing campaignphishing kitphishing-databaseproduct actionspullransomwareresearchedsastscamscams & fraudscannersearchsecurity operationssender addressskipsmtpsocial engineeringsoftware integritysouth africaspamstarstrongsubject linet1040t1056.001t1071.001t1078t1189t1190t1192t1204t1204.001t1204.002t1499.001t1499.002t1539t1554.001t1554.003t1566t1566.001t1566.002t1566.003t1566.004t1567t1567.001t1583t1587.001t1590.001t1598t1598.003threat actorthreat actor: unknownthreat indicatorsthreat intelligencethreat intelligence reportthreat_feedtor nodeurl-based attackweb securityweb trafficwhaling attack

Activity Timeline

1 total obs
Jun 7Jun 7

Threat Activity Heatmap

· Peak: 2026-06-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
41
SIGNAL
Signal Score
41%
Confidence
7
Reports
First seenJun 5, 2020
Last seenJun 7, 2026

VirusTotal

Not checked

WHOIS

description
LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 6 years ago · Last seen 5 days ago
Appeared in 7 threat reports