DomainMediumSignal 76/100
atlas-sian.net
Location
DenmarkFirst Seen
Mar 6, 2023
Last Seen
Mar 22, 2026
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
76%
Signal Score
76 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
4 reports76% confidence
4
Source reports
76%
Confidence score
Category tags
acceptaccess ta0001active scanningadded activealibaba cloudall domainall hostnameall reportanchoranchor httpsappleapt27artifacts vascioattackbackdoorbrian sabeysbrothbypasschecks creationchristopher ahmanncivil servicesck idck matrixclick-based attackcode integritycommandcommand and controlcommunication protocolcredential harvestingcrypdata manipulationdata uploaddelete servicedenmarkdnsdoin itdopple aidynadot llcemailsencryptenter sceuropeevidence destructionexclude suggesexpiration httpextr dataextr pleaseextra datafailedfilesfiles domainfiles relatedflagformfull reportsget httpgooglegovernment technologyhall evanshelp dnshichinahostname enumerationhtml documenthtml internethttp attackhttp scannerhttpshunterhybrididron anviframeinclude datainclude reviewindicatorindicators showinfo initialinformation gatheringinformation technologyinfrastructure acquisitionreconnaissanceingress tool transferinitial accessinput validation bypassinquest labsiocsit infrastructurelearnlearn moreliberalliberal friendslink initiallucas achamalicious activitymalicious linksmalwaremalware deploymentmanualmetadata analysismitre attname serversname tacticsnamecheap incnetworknetwork scanningnone googleotx descriptionotx logopackingpalantirian abusepassive dnspath traversalphishingphishing attackplease subpoemporkbun llcporn revengepresent decpresent febpresent janprocess injectionprotectpublic administrationpublic infrastructurepublic policyquasi governmentreconnaissancereferenregulatory agenciesreimerrelated pulsesrelated tagsremote accessremote servicesreport spamresearchedrl httprole titlesabeysabey data centerssabey pornsafe browsingsc datasc pulsescanscanning activityse httpsnitsocial engineeringsocial media securitysoftware developmentspam brianspam deletespawnsssl certificatestop showstringsswippert1021t1027t1036t1041t1045t1055t1057t1059t1059.002t1060t1068t1070t1071t1071.001t1071.004t1080t1082t1083t1105t1106t1113t1125t1129t1132t1132.001t1133t1140t1143t1176t1189t1189 networkt1190t1204 user executiont1204.001t1204.002t1210t1495t1499.002t1546t1553t1553.002t1566t1566 phishingt1566.001t1566.002t1566.003t1568t1568.002t1583t1583.001t1583.005t1584t1586t1586.001t1587.001t1589.001t1590.001t1593.001t1595.001t1595.002t1595.003t1608.001targeted harassmenttbmvidthe brother sabeythreat actortitletrojan malwaretyp domaintype indicatorunicode textunitedurlsuser executionutf8 textvessel statevictim won casevirtoolweb application exploitationweb securityweb trafficwin32 malwarewindows malwarewindows ntwormxxx videos
Activity Timeline
Mar 22Mar 22
Threat Activity Heatmap
· Peak: 2026-03-22LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated
The domain **atlas-sian.net**, originating from Denmark, has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats. First observed on March
Threat ScoreHigh Risk
76
SIGNAL
Signal Score
76%
Confidence
4
Reports
First seenMar 6, 2023
Last seenMar 22, 2026
VirusTotal
Not checked
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 3 years ago · Last seen 3 months ago
Appeared in 4 threat reports