Domain · Medium · Signal 55/100
electrum-usdt.com
Location
First Seen
Sep 25, 2024
Last Seen
Jun 2, 2026
Found in 12 reports. Confidence: medium. Confidence scores are heuristic; verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
12 source reports · 55% confidence score
Category tags
Activity Timeline
Jun 2
Threat Activity Heatmap
Peak: 2026-06-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
This Indicator of Compromise (IOC), `electrum-usdt.com`, represents a significant threat primarily associated with cryptocurrency-themed phishing activities. Its high score of 55.23796046645245 and non-whitelisted status underscore its malicious nature. If users within the organization interact with this domain, they risk exposing sensitive credentials, leading to potential financial fraud, account takeover, or broader system compromise. The domain's name explicitly targets users of Electrum wal…
Threat Score: 55 (Medium Risk)
Signal Score: 55
Confidence: 55%
Reports: 12
First seen: Sep 25, 2024
Last seen: Jun 2, 2026
VirusTotal
Not checked
WHOIS
- description: LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber
IOC Journey
Medium · First detected 1 year ago · Last seen 11 days ago
Appeared in 12 threat reports