Domain · High · Verified · Signal 64/100
sovatt.com
First Seen: Mar 20, 2025
Last Seen: Feb 12, 2026
Reports: 5 source reports
Confidence: 64% (high)
VirusTotal: 1/91 detections
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 64%
Signal Score: 64 / 100
IDS Rule: No
Threat Context
Category tags
abuse, access, adres, adresy url, ameryki, bardzo duga, botnet, ca data, command and control, csc corporate, czech republic, data exfiltration, data utworzenia, data wyganicia, digital, digital certificate analysis, distributed attacks, dnssec, document exploitation, europe, first stage payload, germany, indicator, infrastructure acquisitionreconnaissance, malicious software, malware, malware delivery, microsoft office, mui, network, office exploitation, process injection, researched, san jose, serwer nazw, ssdeep, t1027, t1036, t1046, t1055, t1059, t1059.001, t1071, t1071.001, t1082, t1095, t1105, t1189, t1204.002, t1486, t1496, t1499.002, t1499.003, t1547.001, t1565, t1566, t1566.001, t1573, t1587.001, t1590.001, tworzy, tworzy katalog, tworzy pliki, typ pliku
Activity Timeline: Feb 12
Threat Activity Heatmap: peak 2026-02-12. Activity in the last 24h, 7d, 30d and 3mo: 0 (Dormant).
Intelligence Summary (AI Generated)
The domain **sovatt.com** has been identified as a critical indicator of compromise (IOC) associated with botnet and malware activities, originating from the Czech Republic. Security analysts should be aware that this domain has been active since March
Threat Score: 64 (Medium Risk)
Verified IOC
WHOIS
- description: A look back at some of the key words and phrases used to describe the situation in Italy, as "probacja" (or "democrata), as they were translated into English.
- domain rank: -1
- raw:
  - Administrative city: Hayes
  - Administrative country: United Kingdom
  - Administrative email: [email protected]
  - Administrative state: Middlesex
  - Create date: 2024-03-28 00:00:00
  - Domain name: sovatt.com
  - Domain registrar id: 468
  - Domain registrar url: https://registrar.amazon.com
  - Expiry date: 2025-03-28 00:00:00
  - Query time: 2024-03-29 10:11:14
  - Registrant city: e8faa050f23df84b
  - Registrant company: 038a292988566233
  - Registrant country: United Kingdom
  - Registrant email: [email protected]
  - Registrant fax: d36966860d9d3f39
  - Registrant name: 8c01362fe70f30cd
  - Registrant phone: 2514ee9d37174cd5
  - Registrant state: 0449eb7840e3a030
  - Registrant zip: 0c47207fb5546dc6
  - Technical city: Hayes
  - Technical country: United Kingdom
  - Technical email: [email protected]
  - Technical state: Middlesex
  - Update date: 2024-03-28 00:00:00
- subdomains count: 0