Maltrail IOC for 2026-02-19

Severity: Medium
Published: Thu Feb 19 2026 (02/19/2026, 00:00:00 UTC)
Source: CIRCL OSINT Feed
Tag: tlp:clear

AI-Powered Analysis

AI analysis last updated: 02/19/2026, 15:45:09 UTC

Technical Analysis

This report details a Maltrail IOC (Indicator of Compromise) dated February 19, 2026, sourced from the CIRCL OSINT Feed. Maltrail is a network traffic detection system that identifies suspicious or malicious activity by analyzing network traffic patterns. The IOC is classified under malware and network activity categories, indicating detection of potentially malicious network behavior. The threat is tagged with medium risk but lacks specific technical indicators such as IP addresses, domain names, or malware signatures. No affected software versions or patches are listed, and there are no known exploits in the wild associated with this IOC. The data appears to be an observational record from open-source intelligence, collected manually and intended for ongoing threat awareness rather than immediate incident response. The absence of detailed technical data limits the ability to assess the exact nature of the malware or its attack vectors. The IOC's medium severity suggests it represents a credible but not immediately critical threat, likely requiring monitoring rather than urgent mitigation. This type of intelligence is useful for organizations employing network traffic analysis tools to update detection rules and enhance situational awareness.

Potential Impact

Given the lack of specific exploit details or active attacks, the immediate impact on organizations is limited. However, the presence of a malware-related network IOC indicates potential reconnaissance or early-stage malicious activity that could precede more severe attacks. Organizations worldwide that rely on network traffic monitoring and intrusion detection systems may experience increased alert volumes or need to adjust detection parameters. If the underlying malware or network activity were to evolve into active exploitation, impacts could include unauthorized data access, network disruption, or lateral movement within networks. The medium severity reflects moderate risk to confidentiality and integrity if exploited, but the current absence of known exploits and patches reduces urgency. Organizations without robust network monitoring may be less aware of such threats, potentially increasing their risk exposure. Overall, the impact is primarily on detection and preparedness rather than immediate compromise.

Mitigation Recommendations

1. Integrate the IOC into existing network traffic analysis and intrusion detection systems such as Maltrail, Suricata, or Zeek to enhance detection capabilities.
2. Continuously update threat intelligence feeds and correlate alerts with this IOC to identify potential malicious network activity early.
3. Conduct regular network traffic reviews focusing on anomalies or patterns consistent with malware-related activity, even if specific indicators are not provided.
4. Implement network segmentation and strict access controls to limit potential lateral movement if malicious activity is detected.
5. Train security operations teams to recognize and respond to medium-risk network alerts promptly, emphasizing investigation over immediate remediation due to the observational nature of this IOC.
6. Maintain up-to-date endpoint and network security solutions to reduce the risk of malware infections that could generate such network activity.
7. Collaborate with threat intelligence communities to share findings and receive updates on any evolution of this IOC into active threats.

These steps go beyond generic advice by focusing on proactive network monitoring integration and operational readiness tailored to the nature of this intelligence.

Technical Details

UUID
4fe4a80e-39cb-43f1-9e95-9ce5ddd98907
Original Timestamp
1771512608

Indicators of Compromise

Threat ID: 69972c74732724e9dc48b620

Added to database: 2/19/2026, 3:29:56 PM

Last enriched: 2/19/2026, 3:45:09 PM

Last updated: 2/19/2026, 5:35:43 PM