Domain · Low · Signal 28/100
rotak.it
Location
First Seen
Apr 30, 2026
Last Seen
Apr 30, 2026
Found in 2 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
28%
Signal Score
28 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
Source reports: 2
Confidence score: 28%
Category tags
abuse, aes key, aesctr, aesgcm, alienvault_ransomware, australia, bad reputation, bitcoin, canada, chat, cryptocurrency, ecdh, encryption, europe, executable file, exploitation activity, go, indicator, m3rx, m3rxdls, malware, network, north america, oceania, powershell, ransomware, recycle bin, researched, t1027, t1059.001, t1070.004, t1486, x25519
Activity Timeline
Apr 30 to Apr 30
Threat Activity Heatmap · Peak: 2026-04-30
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
The domain rotak.it, originating from Canada, has emerged as a potential indicator of compromise (IOC) associated with malware and ransomware activities. First observed on April
Threat Score: 28 (Low Risk)
Confidence: 28%
Reports: 2
First seen: Apr 30, 2026
Last seen: Apr 30, 2026
VirusTotal
Not checked
WHOIS
- description: M3rx is a newly identified ransomware variant that runs its operations through a dedicated leak site and uses a Windows-based encryptor. As of April 27, 2026, the actor has released six public posts detailing their activities, indicating that M3rx is actively engaging in ransomware attacks. Notable activity occurred on April 23 and April 26, with claims of targeting victims across the US, Canada, Australia, the UK, and Switzerland, although attribution to any known threat actor or group remains unsubstantiated.
IOC Journey
low · First detected 1 month ago · Last seen 1 month ago
Appeared in 2 threat reports