IOC Radar
DomainMediumSignal 46/100

ecofertil.ma

Location
United StatesUnited States
First Seen
Nov 21, 2024
Last Seen
Jun 2, 2026
Nov 21
First Seen
570d ago
Jun 2
Last Seen
12d ago
10
Reports
source reports
46%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
46%
Signal Score
46 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Feed Intelligence Summary

10 reports46% confidence
10
Source reports
46%
Confidence score
Category tags
active scanactive scanningattachment phishingattackauthentication attackbecbec attackbotnetbotnet activitybrand impersonationbrute forcebusiness email compromisebusiness_email_compromisecommand and controlcredential accesscredential harvestingcredential phishingcredential stuffingcredential theftcredential_harvestingdata exfiltrationdata store exposureddosdenial of servicedistributed attacksemail-based attackexploitation activityfraudulent websiteftp brute forcehttp brute forcehydra attackidentity & access exploitationindicatorinitial accessinjection activityiocslink injectionlink manipulationlink obfuscationlogin attacklogin attemptsmalicious activitymalicious attachmentmalicious attachmentsmalicious domainmalicious linksmalicious softwaremalwaremalware deliverymalware distributionmedusa attacknetworknetwork attacksnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork service scanningnmap scannorth americaphishingphishing attackphishing campaignphishing-databaseprocess injectionprotocol exploitationransomwarerdp scanningreconnaissancereconnaissance activityremote accessremote servicesresearchedscams & fraudservice enumerationservice scansmb scanningsmtp brute forcesocial engineeringssh attacksyn scant1018t1021t1021.001t1021.002t1040t1046t1055t1059t1059.001t1059.004t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1189t1190t1192t1204t1204.001t1486t1496t1499.002t1499.003t1534t1552.001t1563t1565t1566t1566.001t1566.002t1566.003t1566.004t1588.002t1589t1589.002t1592t1595t1595.001t1595.002t1595.003t1598t1598.003tcp scantcp scanningtelnet threatthreat actorthreat intelligence feedthreat_actor_activitytor nodeudp scanunited statesvulnerability scanweb securitywhaling attack

Activity Timeline

1 total obs
Jun 2Jun 2

Threat Activity Heatmap

· Peak: 2026-06-02
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

The domain `ecofertil.ma` has been identified as a significant Indicator of Compromise (IOC) with a score of 45.98, indicating a substantial threat level. This IOC is frequently associated with phishing and spearphishing campaigns, posing a direct risk of credential theft, malware delivery, and unauthorized access to organizational assets. If left unaddressed, the presence of this IOC in the environment could lead to severe security breaches, compromising sensitive data and disrupting business o…

Threat ScoreMedium Risk
46
SIGNAL
Signal Score
46%
Confidence
10
Reports
First seenNov 21, 2024
Last seenJun 2, 2026

VirusTotal

Not checked

WHOIS

registrar
CAP CONNECT
description
LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber
domain rank
-1
raw
Admin Email: [email protected] Creation Date: 2025-05-16T10:11:25Z Domain Name: ecofertil.ma Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: ns1.o2switch.net Name Server: ns2.o2switch.net Registrant Name: 009a49af40bef05d Registrar Email: [email protected] Registrar Registration Expiration Date: 2026-05-16T10:07:30Z Registrar Street Address: Léonore Offices, N25, Avenue Beethoven 90 000 Tanger Registrar: CAP CONNECT Registry Expiry Date: 2026-05-16T10:07:30Z Tech Email: [email protected] Updated Date: 2025-05-18T22:20:06Z
references
https://malware-filter.gitlab.io/malware-filter/phishing-filter-domains.txt
subdomains count
8

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 12 days ago
Appeared in 10 threat reports