Maltrail IOC for 2026-03-15
AI Analysis
Technical Summary
The report describes a malware-related IOC collected via manual OSINT methods and shared under a clear TLP classification. It lacks detailed technical indicators, affected software versions, or exploit information. The IOC is intended for situational awareness rather than immediate incident response due to the absence of actionable data.
Potential Impact
No direct impact is described or implied as no specific vulnerabilities, exploits, or affected systems are identified. The medium severity rating reflects a general caution level for the reported IOC rather than confirmed active threats or breaches.
Mitigation Recommendations
No patch or official remediation is available or required based on the provided information. Security teams should consider this IOC as part of broader threat intelligence monitoring but no urgent action is indicated.
Technical Details
- Uuid: 878f5b33-0fcf-4191-8295-4bcddeb6437a
- Original Timestamp: 1773532815
Indicators of Compromise
Url
| Value | Description |
|---|---|
| https://api.github.com/repos/stamparm/maltrail/commits/a3681b0b82849e400e3b2ffd5b30608abf1bb7f1 | osx_atomic |
| https://api.github.com/repos/stamparm/maltrail/commits/b681d4bce01b9723fab2ce0ea10133353f943434 | fakeapp |
| https://api.github.com/repos/stamparm/maltrail/commits/2065e8ab6f15b8cdeeb24a07fab8d849fc9e6935 | fakeapp |
| https://api.github.com/repos/stamparm/maltrail/commits/75f0bd1595532bf7fafcf9cfcc1caf4b1e6b4267 | android_joker |
Threat ID: 69b680cc9d4df45183fb5170
Added to database: 3/15/2026, 9:50:04 AM
Last enriched: 4/8/2026, 4:21:36 AM
Last updated: 4/29/2026, 5:43:04 PM