IOC Radar
Domain · High · Verified · Signal 78/100

sacprocessserving.com

First Seen
Feb 25, 2024
Last Seen
Mar 20, 2026
Reports: 5 source reports
Confidence: 78% (high)
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 78%
Signal Score: 78 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 24 techniques

Feed Intelligence Summary

Category tags: bot communication, botnet, c2, c2 communication, command and control, communication protocol, compromised host, credential harvesting, data exfiltration, distributed attacks, downloader, http scanner, https, indicator, infrastructure acquisitionreconnaissance, ingress tool transfer, ioc, machine learning detection, malicious domains, malicious software, malware, malware distribution, malware domain feed, network, phishing attack, potential-c2, process injection, researched, social engineering, t1001, t1001.001, t1001.002, t1041, t1055, t1071, t1071.001, t1071.004, t1105, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1566, t1566.001, t1566.002, t1566.003, t1568, t1568.002, t1573, t1587.001, t1590.001, trojan malware, upatre, web traffic

Activity Timeline

1 total obs (Mar 20)

Threat Activity Heatmap

Peak: 2026-03-20
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Intelligence Summary (AI Generated)

The domain **sacprocessserving.com** has been identified as a critical indicator of compromise (IOC) associated with botnet and command-and-control (C

Threat Score: 78 (High Risk)

VirusTotal: Not checked

WHOIS

registrar: Xiamen 35.Com Technology Co., Ltd
description: Command and Control domains for Upatre. These domains are extracted from a number of sources, and are suspicious.
domain rank: -1
subdomains count: 2
raw:
    Creation Date: 2019-08-25T16:00:00Z
    Creation Date: 2019-08-26T14:19:23Z
    DNSSEC: unsigned
    Domain Name: SACPROCESSSERVING.COM
    Domain Status: ok https://icann.org/epp#ok
    Name Server: GORDON.NS.CLOUDFLARE.COM
    Name Server: ZITA.NS.CLOUDFLARE.COM
    Registrant City: 1d3bfef31c79d0a9
    Registrant Country: CN
    Registrant Email: b00faeca5d866b65s@
    Registrant State/Province: d42af62846cfb0d4
    Registrar Abuse Contact Email: [email protected]
    Registrar Abuse Contact Phone: +86.4001353511
    Registrar IANA ID: 1316
    Registrar Registration Expiration Date: 2020-08-26T04:00:00Z
    Registrar URL: http://www.35.com
    Registrar WHOIS Server: whois.35.com
    Registrar: Xiamen 35.Com Technology Co., Ltd
    Registrar: Xiamen 35.Com Technology Co., Ltd.
    Registry Domain ID: 2426954888_DOMAIN_COM-VRSN
    Registry Expiry Date: 2020-08-26T14:19:23Z
    Registry Registrant ID: Not Available From Registry
    Updated Date: 2019-08-26T14:19:18Z
    Updated Date: 2019-08-27T05:00:59Z


IOC Journey

high
First detected 2 years ago · Last seen 3 months ago
Appeared in 5 threat reports