IOC Radar
DomainHighVerifiedSignal 57/100

radamel.icu

Location
United StatesUnited States
First Seen
Dec 16, 2025
Last Seen
Dec 17, 2025
Dec 16
First Seen
188d ago
Dec 17
Last Seen
188d ago
4
Reports
source reports
57%
Confidence
high
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
57%
Signal Score
57 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

11 techniques

Feed Intelligence Summary

4 reports57% confidence
4
Source reports
57%
Confidence score
Category tags
c2communication channeldata exfiltrationdata theftindicatorinfrastructure acquisitionreconnaissancemalicious softwaremalwarenetworknorth americaprocess injectionresearchedt1041t1055t1071t1071.001t1095t1105t1486t1565t1573t1587.001t1590.001united states

Activity Timeline

1 total obs
Dec 17Dec 17

Threat Activity Heatmap

· Peak: 2025-12-17
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
57
SIGNAL
Signal Score
57%
Confidence
4
Reports
First seenDec 16, 2025
Last seenDec 17, 2025
Verified IOC

VirusTotal

Not checked

WHOIS

description
These indicators of compromise (IOCs) were identified through LevelBlue Labs' proprietary collection and threat hunting processes, leveraging AI-driven heuristics to detect anomalous patterns, behavioral analysis of malicious activity, and cross-referenced intelligence from endpoint telemetry and external sources. The IOCs included in this pulse are associated with command and control (C2) infrastructure, facilitating malware communication, data exfiltration, and persistent threat actor operations. Use this data to enhance detection rules, block malicious infrastructure, or correlate with existing incident investigations. These indicators have been assigned a medium confidence level regarding their maliciousness. They are therefore subject to further review, and feedback is greatly appreciated.

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 6 months ago · Last seen 6 months ago
Appeared in 4 threat reports