Domain · Medium · Signal 68/100
arcsystem.rodopibg.net
First Seen: Oct 16, 2024
Last Seen: Apr 2, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 68%
Signal Score: 68 / 100
IDS Rule: No
Threat Context
Feed Intelligence Summary
Source reports: 10
Confidence score: 68%
Category tags
abuse, active scan, active scanning, amadey, application layer protocol, arm, ascii, asyncrat, autoit, avemariarat, bad reputation, base64, bitbucket, botnet, botnet activity, braodo, braodo stealer, brute force, brute force attack, c2, calls-wmi, checks-user-input, coinminer, command & control, command and control, command execution, communication protocol, credential access, credential stuffing, cryptocurrency, cta, data exfiltration, data store exposure, ddos, ddos attacks, denial of service, detect-debug-environment, distributed attacks, dll, elf, encoded, excel, exe, executable file, exploit, exploitation activity, flawedammyrat, flawedammyyrat, ftp, ftp brute force, gh0strat, guloader, hosts-modifier, hta, identity & access exploitation, indicator, infostealer, init-module, injection activity, internet of things, iot botnet, iot security, iot/ics attack, long-sleeps, macro-powershell, malicious powershell activity, malicious software, malware, matanbuchus, meterpreter, mips, mirai botnet, mozi, netsupportrat, network, network attacks, network enumeration, network intrusion, network probing, network protocol, network scanning, network security, network service scanning, njrat, opendir, overlay, password attacks, peexe, process injection, protocol exploitation, quasarrat, rat, reconnaissance, remcosrat, remote access, remote services, researched, rev-base64-loader, reverseshell, scripting attacks, service scan, sliver, smoke loader, snakekeylogger, ssh attack, stealc, stealer, t1005, t1016, t1021, t1021.001, t1025, t1027, t1039, t1040, t1041, t1046, t1047, t1053, t1055, t1059, t1059.001, t1068, t1071, t1071.001, t1076, t1078, t1083, t1086, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1134, t1189, t1190, t1195, t1204, t1204.002, t1486, t1496, t1499.002, t1499.003, t1535, t1547, t1563, t1564, t1565, t1566, t1589, t1595, t1595.001, t1595.002, t1595.003, t1598, tcp protocol, tcp scan, telnet threat, threat actor, tor node, trojan, ua-wget, udp scan, upx, vbs, vulnerability scan, windows, xls, zip
Activity Timeline: Apr 2
Threat Activity Heatmap · Peak: 2026-04-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
The domain **arcsystem.rodopibg.net** has emerged as a significant indicator of compromise (IOC) associated with multiple cyber threats, including botnet activity, command and control (C
Threat Score: 68 (Medium Risk)
Confidence: 68%
Reports: 10
First seen: Oct 16, 2024
Last seen: Apr 2, 2026
VirusTotal: Not checked
WHOIS
- registrar: TUCOWS, INC.
- raw:
  - Admin City: REDACTED FOR PRIVACY
  - Admin Country: REDACTED FOR PRIVACY
  - Admin Organization: REDACTED FOR PRIVACY
  - Admin Postal Code: REDACTED FOR PRIVACY
  - Admin State/Province: REDACTED FOR PRIVACY
  - Creation Date: 2005-08-06T08:55:45
  - Creation Date: 2005-08-06T08:55:45Z
  - DNSSEC: unsigned
  - Domain Name: RODOPIBG.NET
  - Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  - Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  - Name Server: NS.RODOPIBG.NET
  - Name Server: NS2.RODOPIBG.NET
  - Name Server: ns.rodopibg.net
  - Name Server: ns2.rodopibg.net
  - Registrant City: 1f8f4166599d23ee
  - Registrant Country: BG
  - Registrant Email: fd5f85b6eb6baf81s@
  - Registrant Fax Ext: 3432650ec337c945
  - Registrant Fax: 1f8f4166599d23ee
  - Registrant Name: 1f8f4166599d23ee
  - Registrant Organization: 1f8f4166599d23ee
  - Registrant Phone Ext: 3432650ec337c945
  - Registrant Phone: 1f8f4166599d23ee
  - Registrant Postal Code: 1f8f4166599d23ee
  - Registrant State/Province: f928994f445aefcf
  - Registrant Street: 1f8f4166599d23ee
  - Registrar Abuse Contact Email: [email protected]
  - Registrar Abuse Contact Phone: +1.4165350123
  - Registrar IANA ID: 69
  - Registrar Registration Expiration Date: 2026-08-06T08:55:45
  - Registrar URL: http://tucowsdomains.com
  - Registrar URL: http://www.tucows.com
  - Registrar WHOIS Server: whois.tucows.com
  - Registrar: TUCOWS, INC.
  - Registrar: Tucows Domains Inc.
  - Registry Domain ID: 193732887_DOMAIN_NET-VRSN
  - Registry Expiry Date: 2026-08-06T08:55:45Z
  - Tech City: REDACTED FOR PRIVACY
  - Tech Country: REDACTED FOR PRIVACY
  - Tech Organization: REDACTED FOR PRIVACY
  - Tech Postal Code: REDACTED FOR PRIVACY
  - Tech State/Province: REDACTED FOR PRIVACY
  - Updated Date: 2023-08-03T07:46:32
  - Updated Date: 2023-08-03T07:46:32Z
IOC Journey
medium · First detected 1 year ago · Last seen 2 months ago
Appeared in 10 threat reports