IOC Radar
DomainMediumSignal 38/100

ecard.tel

Location
Russian FederationRussian Federation
First Seen
Apr 26, 2023
Last Seen
Mar 9, 2026
Apr 26
First Seen
1153d ago
Mar 9
Last Seen
104d ago
7
Reports
source reports
38%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
38%
Signal Score
38 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

44 techniques

Feed Intelligence Summary

7 reports38% confidence
7
Source reports
38%
Confidence score
Category tags
active scanningattachment phishingauthentication attackbecbec attackbotnetbrand impersonationbrute forcebusiness email compromisebusiness_email_compromisecommand and controlcredential accesscredential harvestingcredential phishingcredential stuffingcredential theftcredential_harvestingdata exfiltrationdenial of servicedistributed attacksemail-based attackeurope/asiafraudulent websiteftp brute forcehttp brute forcehydra attackindicatorinitial accessiocslink injectionlink manipulationlink obfuscationlogin attacklogin attemptsmalicious attachmentmalicious attachmentsmalicious domainmalicious linksmalicious softwaremalwaremalware deliverymalware distributionmedusa attacknetworknetwork attacksnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork service scanningnmap scanphishingphishing attackphishing-databaseprocess injectionprotocol exploitationrdp scanningreconnaissancereconnaissance activityremote accessremote servicesresearchedrussiarussian federationservice enumerationsmb scanningsmtp brute forcesocial engineeringssh attacksyn scant1018t1021t1021.001t1021.002t1040t1046t1055t1059t1059.001t1059.004t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1189t1190t1192t1204t1204.001t1486t1496t1499.002t1499.003t1534t1552.001t1563t1565t1566t1566.001t1566.002t1566.003t1588.002t1589t1589.002t1592t1595t1595.001t1595.002t1595.003t1598t1598.003tcp scantcp scanningtelnet threatthreat intelligence feedthreat_actor_activityudp scanvulnerability scanweb securitywhaling attack

Activity Timeline

1 total obs
Mar 9Mar 9

Threat Activity Heatmap

· Peak: 2026-03-09
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain ecard.tel has emerged as a significant indicator of compromise (IOC) linked to multiple cyber threats originating from the Russian Federation. First observed on April

Threat ScoreLow Risk
38
SIGNAL
Signal Score
38%
Confidence
7
Reports
First seenApr 26, 2023
Last seenMar 9, 2026

VirusTotal

Not checked

WHOIS

registrar
Regional Network Information Center, JSC dba RU-CENTER
description
For POC
domain rank
-1
raw
Admin City: REDACTED FOR PRIVACY Admin Country: RU Admin Organization: REDACTED FOR PRIVACY Admin Postal Code: REDACTED FOR PRIVACY Admin State/Province: N/A Creation Date: 2022-02-10T07:01:12.191Z DNSSEC: unsigned Domain Name: ecard.tel Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: ns1.timeweb.ru Name Server: ns2.timeweb.ru Name Server: ns3.timeweb.org Name Server: ns4.timeweb.org Registrant City: 1f8f4166599d23ee Registrant Country: RU Registrant Email: 0e83448caf06a428s@ Registrant Fax Ext: 1f8f4166599d23ee Registrant Fax: 1f8f4166599d23ee Registrant Name: 1f8f4166599d23ee Registrant Organization: e92b81b71879208d Registrant Phone Ext: 1f8f4166599d23ee Registrant Phone: 1f8f4166599d23ee Registrant Postal Code: 1f8f4166599d23ee Registrant State/Province: 8fc09420615ed80d Registrant Street: 1f8f4166599d23ee Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +7.4959944601 Registrar IANA ID: 463 Registrar URL: http://www.nic.ru Registrar: Regional Network Information Center, JSC dba RU-CENTER Registry Admin ID: REDACTED FOR PRIVACY Registry Domain ID: D99BE3F78ED3A4B269D1FEE850892BFB3-GDREG Registry Expiry Date: 2025-02-10T07:01:12.191Z Registry Registrant ID: REDACTED FOR PRIVACY Registry Tech ID: REDACTED FOR PRIVACY Tech City: REDACTED FOR PRIVACY Tech Country: RU Tech Organization: REDACTED FOR PRIVACY Tech Postal Code: REDACTED FOR PRIVACY Tech State/Province: N/A Updated Date: 2024-01-30T06:48:31.244Z
references
https://malware-filter.gitlab.io/malware-filter/phishing-filter-domains.txt
subdomains count
1

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 3 months ago
Appeared in 7 threat reports