IOC Radar
Domain · Medium · Signal 50/100

saturn-chat.vivli.org

Location: Ukraine
First Seen: Apr 16, 2026
Last Seen: Apr 23, 2026
Reports: 3 source reports
Confidence: 50% (medium)
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 50%
Signal Score: 50 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs: 20 techniques

Feed Intelligence Summary

Source reports: 3
Confidence score: 50%
Category tags
accept, acrongl integ, back, bazaar, cache entry, calls process, chrome cache, closeentry, europe, first, gif image, indicator, infolcid, mitre att, mwdb, network, next, ntopenfile filepath, phishing, png image, researched, riff, service, ssdeep, stream, stringformat, stringformatdot, t1003, t1012, t1014, t1036, t1046, t1055, t1056, t1071, t1082, t1083, t1095, t1140, t1203, t1221, t1485, t1496, t1542, t1564, t1566, t1573, threat actor, toggle, tor node, ukraine, united, unix, vp8 encoding, webp image, windows sandbox, x85bxa1pyuv color

Activity Timeline

1 total obs
Apr 23 to Apr 23

Threat Activity Heatmap

Peak: 2026-04-23
Activity by window: 24h: 0 (Dormant); 7d: 0 (Dormant); 30d: 0 (Dormant); 3mo: 1 (Minimal)
Threat Score: 50 (Medium Risk)

VirusTotal

Not checked

WHOIS

registrar
GoDaddy.com, LLC
description
Here is the full text of Yomi's Verdict, which was sent to the BBC by the MITRE team and is now available to view via the web browser, via iPlayer, £1.
raw
Creation Date: 2016-03-08T15:42:25Z
DNSSEC: unsigned
Domain Name: vivli.org
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: ns1-07.azure-dns.com
Name Server: ns2-07.azure-dns.net
Name Server: ns3-07.azure-dns.org
Name Server: ns4-07.azure-dns.info
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.4806242505
Registrar IANA ID: 146
Registrar URL: http://www.whois.godaddy.com
Registrar WHOIS Server: http://whois.godaddy.com
Registrar: GoDaddy.com, LLC
Registry Domain ID: REDACTED
Registry Expiry Date: 2031-03-08T15:42:25Z
Updated Date: 2026-02-10T19:32:10Z


IOC Journey

medium
First detected 1 month ago · Last seen 1 month ago
Appeared in 3 threat reports