IOC Radar
DomainHighVerifiedSignal 37/100

eclat.group

Location
Russian FederationRussian Federation
First Seen
Dec 30, 2024
Last Seen
Jun 14, 2026
Dec 30
First Seen
538d ago
Jun 14
Last Seen
7d ago
5
Reports
source reports
37%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
37%
Signal Score
37 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Feed Intelligence Summary

5 reports37% confidence
5
Source reports
37%
Confidence score
Category tags
active scanactive scanningattachment phishingauthentication attackbecbec attackbotnetbotnet activitybrand impersonationbrute forcebusiness email compromisebusiness_email_compromisecommand and controlcredential accesscredential harvestingcredential phishingcredential stuffingcredential theftcredential_harvestingdata exfiltrationdata store exposureddosdenial of servicedistributed attacksemail-based attackeurope/asiaexploitation activityfraudulent websiteftp brute forcehttp brute forcehydra attackidentity & access exploitationindicatorinitial accessinjection activityiocslink injectionlink manipulationlink obfuscationlogin attacklogin attemptsmalicious attachmentmalicious attachmentsmalicious domainmalicious linksmalicious softwaremalwaremalware deliverymalware distributionmedusa attacknetworknetwork attacksnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork service scanningnmap scanphishingphishing attackphishing campaignphishing-databaseprocess injectionprotocol exploitationransomwarerdp scanningreconnaissancereconnaissance activityremote accessremote servicesresearchedrussiarussian federationscams & fraudservice enumerationservice scansmb scanningsmtp brute forcesocial engineeringssh attacksyn scant1018t1021t1021.001t1021.002t1040t1046t1055t1059t1059.001t1059.004t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1189t1190t1192t1204t1204.001t1486t1496t1499.002t1499.003t1534t1552.001t1563t1565t1566t1566.001t1566.002t1566.003t1566.004t1588.002t1589t1589.002t1592t1595t1595.001t1595.002t1595.003t1598t1598.003tcp scantcp scanningtelnet threatthreat intelligence feedthreat_actor_activitytor nodeudp scanvulnerability scanweb securitywhaling attack

Activity Timeline

1 total obs
Jun 14Jun 14

Threat Activity Heatmap

· Peak: 2026-06-14
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

The domain **eclat.group** has emerged as a significant indicator of compromise (IOC) linked to a range of malicious activities originating from the Russian Federation. First observed on December

Threat ScoreLow Risk
37
SIGNAL
Signal Score
37%
Confidence
5
Reports
First seenDec 30, 2024
Last seenJun 14, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description
LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber
domain rank
-1
subdomains count
2

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 year ago · Last seen 7 days ago
Appeared in 5 threat reports