IOC Radar
DomainMediumSignal 70/100

samsung-work.com

Location
United StatesUnited States
First Seen
Nov 26, 2024
Last Seen
Jun 18, 2026
Nov 26
First Seen
571d ago
Jun 18
Last Seen
2d ago
17
Reports
source reports
70%
Confidence
medium
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
70%
Signal Score
70 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

47 techniques

Feed Intelligence Summary

17 reports70% confidence
17
Source reports
70%
Confidence score
Category tags
abuseaccess initialaccount discoveryaccount profilingaccount takeoveractive scanactive scanningalienvault_ransomwareapi abuseappendix baptas path poisoningattackauthentication abuseauthentication bypassauthentication flawbad reputationbatshadowbgpblacklisted hashblacklisted ip addressbotnetbotnet activitybrute forcec serverc2ck matrixcommand & controlcommand and controlcommunication protocolcommunication technologiescontrol commandcore network compromisecredential accesscredential harvestingcredential stuffingcredential theftcryptocurrencycryptographydata breachdata exfiltrationdata interceptiondata store exposureddosdefense evasiondenial of servicedigital certificatedigital signaturedistributed attacksdocument exploitatione-signature securityexploitation activityftp brute forcehashhttp brute forceidentity & access exploitationindicatorinitial accessinjection activityinter-as route manipulationintrusion detectionjob scamlateral network movementlogin attackmalicious activitymalicious communication blockedmalicious softwaremalwaremalware signingmitre attmobile carriersmobile networksnetworknetwork attacksnetwork infrastructure attacknetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynorth americapassword attackphishingphishing attackprocess injectionransomwareratreconnaissanceremote accessremote servicesresearchedrouting protocolscams & fraudscannersmtp brute forcesocial engineeringsoftware integrityssh attackt1021t1021.001t1036t1040t1041t1055t1059t1071t1071.001t1076t1078t1082t1105t1110t1110.002t1113t1189t1190t1199t1204t1218t1219t1486t1496t1499.001t1499.002t1499.003t1518t1539t1550t1554.001t1554.003t1555t1563t1564t1565t1566t1566.001t1566.002t1566.003t1567t1571t1573t1595t1595.001t1595.002t1595.003tactic initialtcp protocoltelecom servicestelecommunicationsthreat actorthreat intelligencetier-1 network vulnerabilitytor nodeunited statesvampire botvulnerability scanweb application attack

Activity Timeline

1 total obs
Jun 18Jun 18

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

The domain **samsung-work.com** has emerged as a significant indicator of compromise (IOC) linked to multiple cyber threats originating from the United States. First observed on November

Threat ScoreMedium Risk
70
SIGNAL
Signal Score
70%
Confidence
17
Reports
First seenNov 26, 2024
Last seenJun 18, 2026

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 days ago
Appeared in 17 threat reports