DomainMediumSignal 17/100

`saasarm.com`

Location

Spain

First Seen

Jul 9, 2025

Last Seen

Jul 12, 2025

Jul 9

First Seen

336d ago

Jul 12

Last Seen

333d ago

Reports

source reports

17%

Confidence

medium

Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

17%

Signal Score

17 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

19 techniques

Feed Intelligence Summary

3 reports17% confidence

Source reports

17%

Confidence score

Category tags

aaaaactive relatedad tevdagapplebodycanada unknownchromecommand and controlcommunication protocolcreation datecyber threatsdata accessdata copyingdata exfiltrationdata misusedata transferdata uploaddonedraiedynamicloaderencryptenter soudcetdientrieseuropeeurope/asiaexcludeexclude suggesexpiration dateextr dataextraction dataextri dataextri includefailedfalse informationfilesfiles domainfiles relatedfinancefinancial servicesfind sfoundryfrancegermanygoogle safeguardhostname addhostname enumerationhtmlhttp attackhttp scannerinclude reviewindicatorinformation gatheringingress tool transfermalicious linksmalicious softwaremalwaremedia centermovedmsiename serversnetherlandsnetworknetwork scanningnextnext associatedpassive dnspersonal datapresent augpresent junpresent sepprocess injectionpulse pulsespulse submitpulsespulses otxransomreconnaissancerecord valueredacted forrelated tagsreputation damageresearchedreviewrussiascript domainsscript urlssearchsecure serverserver responseserversserviceshowingslcc2smear campaignsocial media abusespainstatusstop xsuggest1005t1030t1055t1071.001t1078t1105t1190t1204.001t1486t1499.001t1499.002t1534t1565t1566t1566.001t1589t1589.001t1592t1598titletitle addedtrojan malwaretwittertypeunitedunknown nsuny inuuueurlsurls showvirtoolweb securityweb trafficwindows ntwritewrite cxport

Activity Timeline

1 total obs

Jul 12Jul 12

Threat Activity Heatmap

· Peak: 2025-07-12

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Dormant

Intelligence SummaryAI Generated

The domain **saasarm.com** has emerged as a significant indicator of compromise (IOC) linked to malware activities, first observed on July

Threat ScoreLow Risk

SIGNAL

Signal Score

17%

Confidence

Reports

First seenJul 9, 2025

Last seenJul 12, 2025

VirusTotal

Not checked

WHOIS

domain rank: -1
subdomains count: 0

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

medium

First detected 11 months ago · Last seen 11 months ago

Appeared in 3 threat reports