IOC Radar
Domain · Medium · Signal 36/100

scim.fvsag.com

First Seen: Apr 13, 2025 (436d ago)
Last Seen: May 16, 2025 (403d ago)
Reports: 3 source reports
Confidence: 36% (medium)
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 36%
Signal Score: 36 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 17 techniques

Feed Intelligence Summary

3 source reports · 36% confidence score
Category tags: abuse, adobe reader, authentihash, botnet, code execution, code injection, command, command and control, command execution, data exfiltration, distributed attacks, dword, exploit, fileless malware, files, indicator, malicious software, malware, network, open, pdf, pe file, portable document format, process analysis, process injection, protected mode, reader, researched, resolved ips, rich pe, shell, ssdeep, t1003, t1027, t1055, t1059, t1059.001, t1059.003, t1068, t1071.001, t1189, t1204.002, t1486, t1496, t1499.002, t1499.003, t1547.001, t1565, t1566.001, user, vhash

Activity Timeline

1 total obs (May 16)

Threat Activity Heatmap

[Heatmap: activity by weekday, Jun through Jun, scale Less to More]

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Intelligence Summary (AI Generated)

The domain **scim.fvsag.com** has emerged as a significant indicator of compromise (IOC) associated with botnet activities, exploits, and malware distribution. First observed on April

Threat Score: Low Risk
Signal Score: 36
Confidence: 36%
Reports: 3
First seen: Apr 13, 2025
Last seen: May 16, 2025

VirusTotal

Not checked

WHOIS

registrar: united domains AG
description: .AcroRd32.exe PID: 7052, Raport UID: 00000000-00007052 MD5: 92cbd9454fb7a42c4b0858364a759755 SHA256:c43c0929e1f9b27dac07d49b0a659e83be4cdb4dfdd709eb7e37a341cd169e87 https://hybrid-analysis.com/sample/c43c0929e1f9b27dac07d49b0a659e83be4cdb4dfdd709eb7e37a341cd169e87 https://www.virustotal.com/gui/file/c43c0929e1f9b27dac07d49b0a659e83be4cdb4dfdd709eb7e37a341cd169e87/behavior
raw:
  Creation Date: 1999-02-11T05:00:00Z
  DNSSEC: unsigned
  Domain Name: FVSAG.COM
  Domain Name: fvsag.com
  Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
  Name Server: NS.UDAG.DE
  Name Server: NS.UDAG.NET
  Name Server: NS.UDAG.ORG
  Name Server: ns.udag.de
  Name Server: ns.udag.net
  Name Server: ns.udag.org
  Registrant City: 3432650ec337c945
  Registrant Country: DE
  Registrant Email: 19a93c4c67f050fcs@
  Registrant Fax Ext: 3432650ec337c945
  Registrant Fax: 3432650ec337c945
  Registrant Name: 3432650ec337c945
  Registrant Phone Ext: 3432650ec337c945
  Registrant Phone: 3432650ec337c945
  Registrant Postal Code: 3432650ec337c945
  Registrant State/Province: 3432650ec337c945
  Registrant Street: 3432650ec337c945
  Registrar Abuse Contact Email: [email protected]
  Registrar Abuse Contact Phone: +49.8151368670
  Registrar IANA ID: 1408
  Registrar Registration Expiration Date: 2026-02-11T05:00:00Z
  Registrar URL: http://www.united-domains.de
  Registrar URL: https://www.united-domains.de/
  Registrar WHOIS Server: whois.udag.net
  Registrar: united domains AG
  Registrar: united-domains GmbH
  Registry Domain ID: 3562939_DOMAIN_COM-VRSN
  Registry Expiry Date: 2026-02-11T05:00:00Z
  Updated Date: 2025-02-10T08:42:03Z

IOC Journey

medium
First detected 1 year ago · Last seen 1 year ago
Appeared in 3 threat reports