Skip to main content
Threat Radar animated logo
DashboardThreatsMapFeedsPricingView Plans & Pricing
reconnecting
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

Maltrail IOC for 2026-03-25

0
Medium
Malwaretlp:clearmalwaremisp:threat-level="medium-risk"misp:event-type="observation"misp:automation-level="unsupervised"type:osintosint:lifetime="perpetual"osint:source-type="manual-collection"
Published: Wed Mar 25 2026 (03/25/2026, 00:00:00 UTC)
Source: CIRCL OSINT Feed
Vendor/Project: tlp
Product: clear

Description

This entry reports a Maltrail Indicator of Compromise (IOC) dated 2026-03-25, classified as malware with a medium severity level. It originates from the CIRCL OSINT Feed and is tagged for open sharing (tlp:clear). No specific affected versions, exploits in the wild, or patch information are provided. The report is based on manual OSINT collection and relates to observed network activity. No technical details beyond a UUID and timestamp are included, and no actionable indicators are listed.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 05/10/2026, 02:23:38 UTC

Technical Analysis

The threat is a malware-related IOC identified by Maltrail on 2026-03-25, sourced from CIRCL OSINT Feed. It is categorized under OSINT and network activity but lacks detailed technical indicators or affected product versions. There is no evidence of known exploits or available patches. The information is primarily observational and intended for situational awareness rather than immediate remediation.

Potential Impact

The impact is assessed as medium severity based on the source classification. However, no specific exploitation or damage details are provided. There are no known active exploits or vulnerabilities linked to this IOC, limiting the immediate risk to monitored network environments.

Mitigation Recommendations

No patch or official remediation is available for this IOC. Security teams should incorporate this IOC into their detection and monitoring systems as appropriate. Since this is an observational report without actionable indicators, no urgent remediation steps are indicated.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Uuid
c3a6a834-b558-4d12-85a5-eacbdb26d643
Original Timestamp
1774447206

Indicators of Compromise

Url

ValueDescriptionCopy
urlhttps://api.github.com/repos/stamparm/maltrail/commits/3ac7360d58e8ed6d5ffc0d06be500973ed4623bc
asyncrat
urlhttps://www.virustotal.com/gui/file/a8d214b32d8d0074b8dd8682852a66e9b4dd8566ea2e5255085858bc64034f44/detection
asyncrat
urlhttps://api.github.com/repos/stamparm/maltrail/commits/ed88fa18ac75728b744e168364872d450f8565f6
ek_clearfake
urlhttps://api.github.com/repos/stamparm/maltrail/commits/cd8c69e7cde414a37e24c02739b65d749110ffed
hak5cloud_c2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/24e8dde46aaa3550c22dff007c8484bdeda82371
fakeapp
urlhttps://www.virustotal.com/gui/file/cf36607a670996c7b8b275132bef9e8faacf5f97a3268edaa23b5e2e5a3fdf29/detection
fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/de0a44ee5111aa9f95dcd2941a2d9a5226549124
osx_atomic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/3dad02fd7f7b2feea76308aa25ca23d6be940d9b
apt_kimsuky
urlhttps://x.com/skocherhan/status/2036444684436865138
apt_kimsuky
urlhttps://api.github.com/repos/stamparm/maltrail/commits/5799ec1daf5808859ab75afccf70cf08eca578ce
lummac2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/54ec58d8735c91ad0197db1245557669d7af3807
offloader
urlhttps://api.github.com/repos/stamparm/maltrail/commits/92f7caafe9327ff156bb2c68678f33bdb2a3b12b
magentocore
urlhttps://api.github.com/repos/stamparm/maltrail/commits/fa445757ae67cb4dc59ce42aed9b978afe0d735c
apt_kimsuky
urlhttps://api.github.com/repos/stamparm/maltrail/commits/7a6f73f23708e84da375738f752d68bcfd334942
android_joker
urlhttps://api.github.com/repos/stamparm/maltrail/commits/c4e0e8aa03657f297fcd9f0879ce98303516950b
fakeapp
urlhttps://github.com/hagezi/dns-blocklists/issues/9494
fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/258d385e1a3c37802178823533e8bd21d0b89f7d
cyberstrikeai
urlhttps://api.github.com/repos/stamparm/maltrail/commits/2ba359f5e96ce67d16648529bdeb656ac748e551
apt_sandworm
urlhttps://x.com/RexorVc0/status/2036703151303065880
apt_sandworm
urlhttps://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247508035&idx=1&sn=4d58712823b2121714adf4edbea69f60&chksm=f9c1934aceb61a5c9f3a225a38ac04498862d4a49f7c1aeb76dd2c15ed572cd3fc667fa2b0f3&scene=178&cur_album_id=1955835290309230595&search_click_id
apt_sandworm
urlhttps://api.github.com/repos/stamparm/maltrail/commits/98c129a7f0d71541d77a88e892d19466ee9200c7
fakeapp
urlhttps://x.com/malwrhunterteam/status/2036416032328294402
fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/139387bf7964bb6bce409bfbea8d2b83cab3eee5
powershell_injector
urlhttps://x.com/smica83/status/2036395637067956443
powershell_injector
urlhttps://tria.ge/260324-mjcg8ahz8n/behavioral1
powershell_injector
urlhttps://www.virustotal.com/gui/ip-address/45.94.47.164/relations
powershell_injector
urlhttps://api.github.com/repos/stamparm/maltrail/commits/93b973d52e50d94a862b3a3308c07b0438297c56
generic
urlhttps://x.com/smica83/status/2036431950475338039
generic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/51d14f4ea2dbaacb5fe023d046323300a9f8c556
generic
urlhttps://x.com/smica83/status/2036430219716776339
generic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/6613038f1a56ac95b4f9b37d966ae71247a50963
generic
urlhttps://x.com/smica83/status/2036429671370310025
generic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/3623afa83516864c63e84734daf0384c5762402a
powershell_injector
urlhttps://www.virustotal.com/gui/file/75749c315f39faf32ab6758f3c1cb0cc992150ab4a3e841a3afc5679bb639ab1/detection
powershell_injector
urlhttps://api.github.com/repos/stamparm/maltrail/commits/0047ff05a7c019372951bb9cda6e382134dd896d
plugx
urlhttps://api.github.com/repos/stamparm/maltrail/commits/9fded0cea0b2f4d5b59beced3cf2de4aecaddce5
plugx
urlhttps://x.com/Cyberteam008/status/2036635966828613672
plugx
urlhttps://www.virustotal.com/gui/file/b23638604c651ac03c5e5c30e6496553160f6421efa34a564e768815c624a11c/detection
plugx
urlhttps://api.github.com/repos/stamparm/maltrail/commits/eaf6f291da4cc2a5c99d928dc75855be7f70b43f
generic
urlhttps://x.com/ElementalX2/status/2036664090240921785
generic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/1b3902d5b01a647a02755a3553027e5f88ceaa81
bad_service
urlhttps://www.virustotal.com/gui/ip-address/89.125.152.220/relations
bad_service
urlhttps://api.github.com/repos/stamparm/maltrail/commits/00b96976d38f24bbe3aeba949f81dd01153eba76
ek_clearfake
urlhttps://x.com/JAMESWT_WT/status/2036693536607785324
ek_clearfake
urlhttps://app.any.run/tasks/c511d6ef-a4c7-4bfd-8a9b-45f771fdd19c
ek_clearfake
urlhttps://api.github.com/repos/stamparm/maltrail/commits/4d518a3fa42686f1f99f463c420ce0f096e59dbf
osx_atomic
urlhttps://github.com/ChainK1ll/Daily_Intel/blob/main/macOS%20Stealers/MacSync
osx_atomic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/45801604cb1612ce6b4321ea3ab6d03ea586abe6
urlhttps://api.github.com/repos/stamparm/maltrail/commits/5221476b86e260473c431180a00d49b74444d54b
powershell_injector
urlhttps://api.github.com/repos/stamparm/maltrail/commits/d98d5996b70303aaae0e3e6c2deeec57028a7e89
apt_unc6691
urlhttps://api.github.com/repos/stamparm/maltrail/commits/7a8b0ea1e2f8c3aca708372f50ac8d0ddf83f938
apt_sandworm
urlhttps://api.github.com/repos/stamparm/maltrail/commits/8a6df0ac5afa1642ede096bdd840c4598833a8b7
fakeapp
urlhttps://x.com/SquiblydooBlog/status/2036582351342362779
fakeapp
urlhttps://www.virustotal.com/gui/file/18c5b7a39be2f4a4b2fd45f0f273874f5efcc8751d4e592e5f2bcf6dbf781277/detection
fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/fb4526bcfed3c1c25fa61e53e4dd020479b8b46e
ek_clearfake
urlhttps://github.com/ChainK1ll/Daily_Intel/blob/main/ClickFix
ek_clearfake
urlhttps://api.github.com/repos/stamparm/maltrail/commits/b40f3e28451ed4fddb75557fc0ead5b0043f9ebc
osx_atomic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/ce09b2eb209b43e60d6a7a6a86d935c787b8990b
fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/34536ff561e8e460ba11a4b69a8b93cfe7be716d
fakeapp
urlhttps://x.com/malwrhunterteam/status/2036713296686911496
fakeapp

Ip

ValueDescriptionCopy
ip86.54.24.144
asyncrat
ip104.167.196.22
cyberstrikeai
ip175.178.190.133
cyberstrikeai
ip193.222.99.148
cyberstrikeai
ip43.132.155.28
cyberstrikeai
ip45.8.30.146
cyberstrikeai
ip45.8.30.149
cyberstrikeai
ip66.29.138.247
cyberstrikeai
ip66.29.138.250
cyberstrikeai
ip82.156.203.34
cyberstrikeai
ip146.59.116.226
apt_sandworm
ip57.128.59.134
apt_sandworm
ip194.5.97.169
plugx
ip38.180.74.20
plugx
ip46.249.38.250
plugx
ip103.114.203.75
plugx

Domain

ValueDescriptionCopy
domain0pen-cache.thornbay.in.net
ek_clearfake
domainatomiclogichub.in.net
ek_clearfake
domainbr1ghtpath.in.net
ek_clearfake
domainbrimvale.in.net
ek_clearfake
domainbrokerancient.br1ghtpath.in.net
ek_clearfake
domainchrysalisbuffer.in.net
ek_clearfake
domaincinder-row.in.net
ek_clearfake
domaincl0verrun.in.net
ek_clearfake
domaincl1store.chrysalisbuffer.in.net
ek_clearfake
domaincl1sync.inertialstreamhub.in.net
ek_clearfake
domaincl2remote.chrysalisbuffer.in.net
ek_clearfake
domaincl3dev.entropicbuffergate.in.net
ek_clearfake
domaincl3edge.inertialstreamhub.in.net
ek_clearfake
domaincl3view.synchrometrixbox.in.net
ek_clearfake
domaincl4static.inertialstreamhub.in.net
ek_clearfake
domaincoherentmetricunit.in.net
ek_clearfake
domaincoresal.cinder-row.in.net
ek_clearfake
domaincornpu-sheet.cinder-row.in.net
ek_clearfake
domaincr4ftlane.in.net
ek_clearfake
domaindev3field.atomiclogichub.in.net
ek_clearfake
domaindev4work.tensorvortexlink.in.net
ek_clearfake
domaindr4w-trail.ember-grid.in.net
ek_clearfake
domainduskforge.in.net
ek_clearfake
domaindynamicshubpoint.in.net
ek_clearfake
domainember-grid.in.net
ek_clearfake
domainentropicbuffergate.in.net
ek_clearfake
domainext2core.spiraclelinkhub.in.net
ek_clearfake
domainext3data.modularpathfinder.in.net
ek_clearfake
domainext3gate.mandibulateflow.in.net
ek_clearfake
domainext3gate.wavefrontgateway.in.net
ek_clearfake
domainext3ghost.nebularpointtrace.in.net
ek_clearfake
domainext4view.nebularpointtrace.in.net
ek_clearfake
domainext4view.spiraclelinkhub.in.net
ek_clearfake
domainexuviaestreamnet.in.net
ek_clearfake
domainf1x-grid.fluxhaven.in.net
ek_clearfake
domainfluxhaven.in.net
ek_clearfake
domainformicidavortex.in.net
ek_clearfake
domainglobalker.fluxhaven.in.net
ek_clearfake
domaininertialstreamhub.in.net
ek_clearfake
domainkinematicflowunit.in.net
ek_clearfake
domainlarkspin.in.net
ek_clearfake
domainmandibulateflow.in.net
ek_clearfake
domainmicrobefiel.oakmelt.in.net
ek_clearfake
domainmodularpathfinder.in.net
ek_clearfake
domainn0tif-beam.brimvale.in.net
ek_clearfake
domainnebularpointtrace.in.net
ek_clearfake
domainoakmelt.in.net
ek_clearfake
domainorganizegat.silver-dock.in.net
ek_clearfake
domainp4tter-array.skylint.in.net
ek_clearfake
domainpvjm75x.silver-dock.in.net
ek_clearfake
domainquor-venis.oakmelt.in.net
ek_clearfake
domainrnedia-field.duskforge.in.net
ek_clearfake
domainroufor.larkspin.in.net
ek_clearfake
domainscutellummatrix.in.net
ek_clearfake
domainsewvyh.thornbay.in.net
ek_clearfake
domainsilver-dock.in.net
ek_clearfake
domainskylint.in.net
ek_clearfake
domainspiraclelinkhub.in.net
ek_clearfake
domainstone-blink.in.net
ek_clearfake
domainsvc1proc.exuviaestreamnet.in.net
ek_clearfake
domainsvc2base.dynamicshubpoint.in.net
ek_clearfake
domainsvc2data.kinematicflowunit.in.net
ek_clearfake
domainsvc2steel.viscositydataloop.in.net
ek_clearfake
domainsvc3user.dynamicshubpoint.in.net
ek_clearfake
domainsvc3user.scutellummatrix.in.net
ek_clearfake
domainsvc4link.scutellummatrix.in.net
ek_clearfake
domainsvc4sat.exuviaestreamnet.in.net
ek_clearfake
domainsvc4static.formicidavortex.in.net
ek_clearfake
domainsynchrometrixbox.in.net
ek_clearfake
domaintensorvortexlink.in.net
ek_clearfake
domainthornbay.in.net
ek_clearfake
domaintrifluxos.skylint.in.net
ek_clearfake
domainv4lle-route.silver-dock.in.net
ek_clearfake
domainviscositydataloop.in.net
ek_clearfake
domainvividfox.in.net
ek_clearfake
domainvoicetrusted.cr4ftlane.in.net
ek_clearfake
domainwatc2-crest.ember-grid.in.net
ek_clearfake
domainwavefrontgateway.in.net
ek_clearfake
domainwdpoqr.thornbay.in.net
ek_clearfake
domainzennexen.larkspin.in.net
ek_clearfake
domainapp-unboncce.com
ek_clearfake
domaindisable-californiabankofcommerce.com
ek_clearfake
domaindoh1.hanime.sbs
ek_clearfake
domainhanime.sbs
ek_clearfake
domainquickfilespro.com
ek_clearfake
domainslimeglyphmomentumgame.com
ek_clearfake
domainvalhadex.com
ek_clearfake
domainwxcdc.movaci.net
hak5cloud_c2
domainzentracreatives.com
fakeapp
domainabgcrap.icu
fakeapp
domainbawgzin.icu
fakeapp
domainbrpuwfyu.icu
fakeapp
domainbxiyeqc.icu
fakeapp
domaincnaiuks.icu
fakeapp
domaindjgekcf.icu
fakeapp
domaindmqmfsp.icu
fakeapp
domaindpauxka.icu
fakeapp
domainfbyaduc.icu
fakeapp
domainfyosies.icu
fakeapp
domainhlhlwqqk.icu
fakeapp
domainhuwgjgf.icu
fakeapp
domainhxxwzuge.icu
fakeapp
domainjapwwtau.icu
fakeapp
domainjpdmrpgf.icu
fakeapp
domainngyoawu.icu
fakeapp
domainnklojjap.icu
fakeapp
domainpjvdraqo.icu
fakeapp
domainpvloreop.icu
fakeapp
domainqoyvtwk.icu
fakeapp
domainqridoou.icu
fakeapp
domainrbltjvqp.icu
fakeapp
domainrnrxmzoj.icu
fakeapp
domainrydhrdif.icu
fakeapp
domainttrceqqj.icu
fakeapp
domainvijgbyia.icu
fakeapp
domainxhtvmkyz.icu
fakeapp
domainzlpphjou.icu
fakeapp
domainzzzeefya.icu
fakeapp
domainbookepw.com
osx_atomic
domainfileambervault.com
osx_atomic
domainfilebasecloud.com
osx_atomic
domainfilebinarycraft.com
osx_atomic
domainfileblobforge.com
osx_atomic
domainfilebyteworks.com
osx_atomic
domainfilecloudsplice.com
osx_atomic
domainfilecobweb.com
osx_atomic
domainfilecrystalloom.com
osx_atomic
domainfiledriveforge.com
osx_atomic
domainfiledriveshard.com
osx_atomic
domainfileechoport20.com
osx_atomic
domainfilefetchloom.com
osx_atomic
domainfileflowcloud.com
osx_atomic
domainfileframelink.com
osx_atomic
domainfileframelogic.com
osx_atomic
domainfilegridlabs.com
osx_atomic
domainfileivoryspark.com
osx_atomic
domainfilematrixvault.com
osx_atomic
domainfileoaklane.com
osx_atomic
domainfileorbitfactory.com
osx_atomic
domainfilepixelcache.com
osx_atomic
domainfilepowerhouse.com
osx_atomic
domainfileshadowlane.com
osx_atomic
domainfilestellarhive.com
osx_atomic
domainfilevertexlab.com
osx_atomic
domainfilevortexink.com
osx_atomic
domainfilrnextfolder.com
osx_atomic
domainfilropenstorage.com
osx_atomic
domainlesbianbreakup.com
osx_atomic
domainmacsoft848os.info
osx_atomic
domainmacsoft848os.online
osx_atomic
domainmacsoft849os.info
osx_atomic
domainmacsoft849os.online
osx_atomic
domainmainporno.com
osx_atomic
domainnebulasyncforge5.mom
osx_atomic
domaintechplw.com
osx_atomic
domainupdate.bookepw.com
osx_atomic
domainthecapitalaesthethic.com
osx_atomic
domain12-ko-official.com
apt_kimsuky
domainlogin-co-kr.com
apt_kimsuky
domainnavercorp.store
apt_kimsuky
domaincom.12-ko-official.com
apt_kimsuky
domainnaaverrr.com.12-ko-official.com
apt_kimsuky
domainnaverr.com.12-ko-official.com
apt_kimsuky
domainnaverrr.com.12-ko-official.com
apt_kimsuky
domainsilverhost.vg
lummac2
domainexamplestore.xyz
offloader
domainfriendjewel.cfd
offloader
domainsnailswaves.info
offloader
domainstartbreath.info
offloader
domainstatementtouch.xyz
offloader
domainsystemmeal.space
offloader
domainflowcss.icu
magentocore
domainccnpart.kro.kr
apt_kimsuky
domaindrive.ccnpart.kro.kr
apt_kimsuky
domainnid-naverhoc.onthewifi.com
apt_kimsuky
domainnid-naverpep.servequake.com
apt_kimsuky
domainnid-naveruiw.servegame.com
apt_kimsuky
domainnid-service.nvctop.dynv6.net
apt_kimsuky
domainnvctop.dynv6.net
apt_kimsuky
domainexquens.world
android_joker
domaingolaby.cyou
android_joker
domainrehyp.club
android_joker
domainaisixiazai.top
fakeapp
domainaisizzhushou.com.cn
fakeapp
domaincn-i4.com
fakeapp
domaini4usc.com
fakeapp
domainmz-wps.com.cn
fakeapp
domainst-wps.com.cn
fakeapp
domainwps-cn.im
fakeapp
domainwps-office.cn
fakeapp
domaindontgivedamn.com
apt_sandworm
domaindontgivefuck.com
apt_sandworm
domainmassgrave.link
apt_sandworm
domainsumbur.net
apt_sandworm
domaini2rgcvog6cypjohfzfzw3d5kqgoobkzlbchsdxx4gm7lyaxn5nfp6bid.onion
apt_sandworm
domainn6b6j4vlkc4ak343j4fmuwmosxtwrft6bph5s5562lefji4a475smuad.onion
apt_sandworm
domain1-4-9.com
fakeapp
domain4-1-7.com
fakeapp
domaindownload-version.1-4-9.com
fakeapp
domaindownload-version.4-1-7.com
fakeapp
domainclearvoyage.digital
powershell_injector
domainecs-ent-aff-mgr.in.net
powershell_injector
domain3cc1deb7404a7e9b.ecs-ent-aff-mgr.in.net
powershell_injector
domainmove-friendly-international-observed.trycloudflare.com
generic
domaingore-francis-grad-pts.trycloudflare.com
generic
domainlens-islands-talk-marshall.trycloudflare.com
generic
domainzonawood.org
powershell_injector
domain194.5.97.169.sslip.io
plugx
domain195-66-213-170.cprapid.com
plugx
domain38.180.74.20.nip.io
plugx
domain46.249.38.250.sslip.io
plugx
domainapp.38.180.74.20.nip.io
plugx
domainclentcomparing.com
plugx
domainfindnextfriend.com
plugx
domaingdqhvip.vip
plugx
domaininternetconfigonline.com
plugx
domainm.gdqhvip.vip
plugx
domainmmbett.duckdns.org
plugx
domainn8n.nonny-36nryc.gbnet.cloud
plugx
domainnextfun-nextfriend.com
plugx
domainovz.control-panel.in
plugx
domainservertoolsonline.com
plugx
domainsuch-feel-report.com
plugx
domainvpn379787997.softether.net
plugx
domainfdcvgbb.com
plugx
domainjuneagntrecdn.com
generic
domain1a.jokerstash.me
bad_service
domaincarder007.ws
bad_service
domaincarder007a.carder007.ws
bad_service
domaincarder007ba.carder007.ws
bad_service
domaincarder007s.carder007.ws
bad_service
domaincvvshop.hk
bad_service
domaindc-09cd3891394a.carder007.ws
bad_service
domainflowiseai-demo.carder007.ws
bad_service
domainj-stash.cc
bad_service
domainj-stash.org
bad_service
domainjoker-stash.org
bad_service
domainjokerstash.me
bad_service
domainrescator.mn
bad_service
domaintc.carder007.ws
bad_service
domainuniccbazar.cc
bad_service
domainextranetpulsereservation.help
ek_clearfake
domainoxfordmobilexray.com
ek_clearfake
domainreservacontrolpaneltax.com
ek_clearfake
domainwultorymusi.com
ek_clearfake
domainalhpaagent.com
osx_atomic
domainejecen.com
osx_atomic
domainfamiode.com
osx_atomic
domaingalxyagent.com
osx_atomic
domaingatwayagent.com
osx_atomic
domaingaurdagent.com
osx_atomic
domainholedagent.com
osx_atomic
domainmansfieldpediatrics.com
osx_atomic
domainmayelu.com
osx_atomic
domainptrei.com
osx_atomic
domainselfreflectiveai.com
osx_atomic
domain1l.decentralizedsystem.world
domain1l.gangworks.org
domain1s.rugmerfer.top
domain2025elevatedigital.com
domain25.snipersys.com
domain3x.dogwifhats.com
domain49.raydiumapp.com
domain4m.punchtoken.fun
domain5u.deepalpha.trade
domain6c.crypto-sola.fun
domain6l.solanarpc.space
domain6q.lunalaunch.help
domain6t.candycluster.cc
domain7.dosq-opl.shop
domain74.autismcoin.club
domain7h.solanadrops.fun
domain7p.phantom-cards.cc
domain7p.staratlas.world
domain8a.sol-reward.space
domain8v.pl-dostawak.shop
domainafrighttechco.click
domainagistgrid.digital
domainakhisardugunsalonu.com
domainaldayspace.click
domainallrideschool.com
domainalmightcloud.click
domainamacrinespace.digital
domainameeratestudio.click
domainaml-checking.website
domainanarchistunion.net
domainapex101engine.digital
domainapi.buychinproduct.top
domainapi.solhub.lol
domainapple-cash.com
domainartalstack.digital
domainarworld.top
domainasynergyspace.click
domainaurum21partners.digital
domainaurumcoresolutionsco.click
domainautismcoin.club
domainautoistcloud.click
domainavtokreslo-dak.ru
domainaxisme-diaspace.buzz
domainb7.solana-advent.sbs
domainbaboenhubio.click
domainbaseultrahub.digital
domainbekahovaventures.click
domainbemufflestack.click
domainbilberrystackco.digital
domainbillbackflow.click
domainbitheismbase.digital
domainbiwosatuyuiaventures.click
domainblastfi.app
domainbq.solmultiply.shop
domainbritzkacore.click
domainbromiangrid.click
domainbrookiertech.click
domainbudesuonmanagement.digital
domainbullx.bio
domainbummesttech.click
domainbushwahhub.click
domainbuychinproduct.top
domainbyoncloud.digital
domaincalybitebase.digital
domaincampbase.digital
domaincandycluster.cc
domaincassockgridco.digital
domainchainsevernet.xyz
domaincharizardcoin.net
domainchevronycore.digital
domainchintai.live
domainchirkhub.click
domainclou-d2trust.click
domaincloud101group.click
domaincloudfuturepoint.click
domaincm.charizardcoin.net
domaincollectormigrate.xyz
domaincomptiebase.digital
domainconformation-1861.shop
domainconformation-1867.shop
domainconformation-1871.shop
domainconformation-1894.shop
domainconformation168.shop
domainconformation178.shop
domaincore-link.click
domaincorexmeshplatform.forum
domaincozefibubausanalytics.digital
domaincroydonflow.click
domaincrypto-sola.fun
domaincubatorystack.click
domaincuguhoporuacollective.click
domaincutogeonconsulting.digital
domaincyb-partn1.click
domaincyb-prtnr.sbs
domaincyb-prtnrs.click
domaincyber-p8rt.sbs
domaincyber-prtn.sbs
domaincyber-ptn.click
domaincyber-ptr.click
domaincyber-xyz.click
domaincyberprt-n.sbs
domaindadodadutamanagementinc.click
domaindat-aonedynamics.digital
domaindata-chainomni.forum
domaindatametricsinvest.digital
domainddr64.ru
domaindecentralizedsystem.world
domaindeepalpha.trade
domaindeltaworksmesh.click
domainderisodoonsolutions.digital
domaindespisestack.digital
domaindevbyahe.xyz
domaindinukovoranalytics16.click
domaindiscordweb3guildguard.app
domaindivataworksio.digital
domaindivumoiaconsultingco.digital
domaindns1.s0lana.com
domaindogwifhats.com
domaindoomcoin.lat
domaindosq-opl.shop
domaindostw-208.info
domaindraerp.vn
domaindrumfishbaseco.click
domainduskieststack.click
domaindystociastackco.digital
domaine0.chainsevernet.xyz
domaineclectic.kioskrecords.com
domaineligible.icu
domainemittech.click
domainencroachbase.digital
domainene-eme.com
domaineogaeanstudio.click
domaineupnoeaspace.click
domaineventdriven-stream-api.icu
domainexcel-api.solmage.com
domainexcitatelayerio.click
domainfa.webresolvvsol.xyz
domainfajorideiacollectivenet.click
domainfalusuaoperations.click
domainferetrumtech.digital
domainferncore.digital
domainfocusforgedev.digital
domainfocuspatternmesh.click
domainfontech.co
domainfrescadecore.click
domainfundra64resources.click
domainfunkiesthub.digital
domainfunstercore.digital
domainfuqafehaexpartners.click
domaing7.whitewhalememe.top
domaingangworks.org
domainganzatech.digital
domaingenesisdynamics.click
domaingeocodefactory.click
domaingeorgeplaysclashroyale.io
domaingettrumprewards.com
domaingithub.pages-gists.com
domaingitiguyuveoninvestments.click
domaingizipeexmanagementinc.click
domaingobanglayer.click
domaingooseonsol.lol
domaingoundoustudio.digital
domaingranambase.digital
domaingridtrusttrust.digital
domainhaulergrid.digital
domainheardlabsio.digital
domainhepaxuorsystems.click
domainhickoryflow.digital
domainhighmoorstack.digital
domainhoboelabs.click
domainhonecohaventures.digital
domainhugmateeflow.digital
domainhw5wtsdm.top
domainhy.conformation168.shop
domainhyoideanbase.digital
domainhz.conformation178.shop
domainia.solana-sniper-ai.icu
domainie.jupitersol-swap.com
domainillegalities.xyz
domaininitia64analytics.digital
domaininwindstudio.digital
domainipfs.arworld.top
domainitherflowio.digital
domainitsmarkkacy.lol
domainj8.aml-checking.website
domainjadenousholdings.digital
domainjeannestack.digital
domainjececaluceisinvestments24.sbs
domainjepaharesiagroup.sbs
domainjohnformi.com
domainjunctiveflowco.digital
domainjupchains.com
domainjupiters.icu
domainjupitersol-swap.com
domainjw.thevoidprotocol.fun
domainjx.gettrumprewards.com
domainkalianatech.click
domainkeystone16partners.digital
domainkeystone48consulting.click
domainkibuzoonindustries99.forum
domainkigamoxegionpartners.digital
domainkioskrecords.com
domainkisthubco.click
domainkiwefuxaaservices.digital
domainkk.conformation-1861.shop
domainkl.conformation-1871.shop
domainkmnocoin.run
domainkodogulabs.click
domainkq.conformation-1867.shop
domainkuhuvizarorgroup.digital
domainl-una.com
domainlampgrid.click
domainleimtypestudio.click
domainlendlend-app.fontech.co
domainlink.akhisardugunsalonu.com
domainlinkierp.com
domainlisteriaflow.digital
domainlive-id.online
domainlobmoney.lat
domainloungeworks.digital
domainlucidaecore.click
domainlunalaunch.help
domainlurkercore.digital
domainmacro-bureaudelta.click
domainmacroorbitpartners.click
domainmail.itsmarkkacy.lol
domainmail.najahak.net
domainmail.superaffiliate.id
domainmantonstudio.click
domainmatrixnextmedia.pics
domainmecutapotissystems.digital
domainmemedex.top
domainmenziecore.digital
domainmeridian8group.click
domainmeshsystemsnano.sbs
domainmetricssystemsgamma.sbs
domainmeyacuxexgroup48.digital
domainmijebohumadvisory.click
domainmixoor.world
domainmockablespace.digital
domainmonadnetwork.app
domainmorbidflow.click
domainmullgrid.digital
domainmundillabs.click
domainmv.psmp.fun
domainmx.collectormigrate.xyz
domainn7.security-amlcheck.org
domainnajahak.net
domainnatestudio.click
domainncaj.me
domainne.l-una.com
domainneelghangridio.digital
domainnegatorycore.digital
domainneowheels.ru
domainnetidomexservicesnet.click
domainnipehekiciaconsultingnet.click
domainnovasmartstudio.click
domaino0.sgjodwdoofqw123dsx.com
domainobservercore.click
domainoffwardworks.digital
domainold.allrideschool.com
domainomniapexmetrics.click
domainomniprimecloud2.click
domainooliteflowco.digital
domainorbitglobalmesh.digital
domainordiaunitedcapital.digital
domainoutlook.live-id.online
domainpacacore.digital
domainpages-gists.com
domainpaidlestack.click
domainpalestineservers.com
domainpalsifyspace.digital
domainpasespace.digital
domainpaybacklayer.digital
domainpb.bullx.bio
domainpelmaticgrid.click
domainpercidaeworks.digital
domainperusaltechco.click
domainpetrogridco.click
domainphantom-cards.cc
domainphotonsol-tinyastro.xyz
domainpinfallcore.click
domainpl-dostawak.shop
domainplummiergrid.digital
domainpolitureworks.digital
domainportolanlabs.click
domainpotagegrid.click
domainpraxismodernpartners.click
domainpreclareflow.click
domainprotoneworks.click
domainpsmp.fun
domainpunchtoken.fun
domainpycnidstack.click
domainq3.solany.pw
domainqapaqidoorsolutions.digital
domainqemezeraaadvisory.click
domainqinegiyalisholdings.sbs
domainqoturocumservices.digital
domainquantum24analytics.forum
domainratfishspace.digital
domainratumeraheismanagement.click
domainraydiumapp.com
domainrekebumigaaresources.click
domainreporting.monadnetwork.app
domainrestantbase.digital
domainrise2alliance.click
domainriseglobalmodule.digital
domainrovetcloud.digital
domainrsvpstudio.click
domainrugmerfer.top
domainruyibepipaonventures.digital
domains0lana.com
domainsacepoqoiaanalytics8.digital
domainsamsarastudio.click
domainsecurity-amlcheck.org
domainsegocloud.click
domainservice.draerp.vn
domainseverallayer.digital
domainsgjodwdoofqw123dsx.com
domainsiacallelayer.click
domainsiriwanlifestyle.com
domainsithlabs.click
domainsky-flow.sbs
domainsleepishcoreio.click
domainsmart-path.click
domainsmartstructmetrics.sbs
domainsmervylayer.click
domainsmtp.ene-eme.com
domainsnipersys.com
domainsnowfowlbase.digital
domainso.live-id.online
domainsol-reward.space
domainsolana-advent.sbs
domainsolana-sniper-ai.icu
domainsolanadrops.fun
domainsolanarpc.space
domainsolany.pw
domainsolcult.live
domainsolhub.lol
domainsoljup.pro
domainsolmage.com
domainsolmultiply.shop
domainsolrotus.com
domainsolsroll.com
domainsolvia16ventures.click
domainsomerivexal.sbs
domainsomnifichub.click
domainsontagstack.digital
domainsornarebase.click
domainstaging.admin.statics.spincity.ai
domainstaratlas.world
domainstatic1.gum.ru
domainstickenhub.click
domainstritlabs.click
domainstruckengrid.click
domainsuedecore.digital
domainsulfurstack.digital
domainsummitmodernsolutions.click
domainsuperaffiliate.id
domainsupufuciaoperations.digital
domaint8.soljup.pro
domaintalusfoundation.com
domaintamapokotiiapartners.click
domaintauntonbase.click
domaintechnoflowhub.click
domaintechnosystems.click
domaintepuvakormanagement.digital
domainterispace.click
domainterrasolutionsly.sbs
domaintesseraegridio.digital
domaintetaninetechio.click
domaintezzles.xyz
domainthanantech.click
domainthevoidprotocol.fun
domainthewhitehouse.lat
domaintittyhub.click
domaintrysailcore.digital
domaintu.war-sol.com
domaintudelgrid.digital
domaintweellayer.click
domaintypicworks.click
domainuf.ur-store.io
domainulenoraxis.com
domainultimohub.digital
domainultragl-obalbureau.click
domainultramodule-101.buzz
domainuncinchflowio.digital
domainunderdogstudioio.digital
domainunshoutcloud.digital
domainunthornyworks.click
domainunwieldgrid.click
domainupsuckcoreco.click
domainur-store.io
domainus.blastfi.app
domainv.georgeplaysclashroyale.io
domainva.memedex.top
domainvelorixana.sbs
domainventuresorbitsystems.pics
domainveritacentralservicesltd.digital
domainverraystackio.digital
domainversinstack.click
domainveyuwufiscapital.click
domainviduguaresources.click
domainvortexaxisflow.digital
domainvotepump.fun
domainw9.photonsol-tinyastro.xyz
domainwakwaficore.digital
domainwanokoorsystems.digital
domainwar-sol.com
domainwatadoyejisholdings.digital
domainwaterefeumoperations.click
domainwebresolvvsol.xyz
domainwhatspie.com
domainwhitewhalememe.top
domainwilqauedarem.sbs
domainws.whatspie.com
domainx-money.lat
domainxq.chintai.live
domainxuqepinowasystems.click
domainxw.hw5wtsdm.top
domainy.jupchains.com
domainy3.linkierp.com
domainyabbilabs.click
domainyalebase.click
domainyelepepaorservices.click
domainyo.discordweb3guildguard.app
domainyp.devbyahe.xyz
domainyp.kmnocoin.run
domainys.solcult.live
domainyt.jupiters.icu
domainyv.solsroll.com
domainz8.mixoor.world
domainzb.votepump.fun
domainzc.solrotus.com
domainzero69-safe.online
domainncdxbk.com
powershell_injector
domainvstoki.com
powershell_injector
domain025f.cjmekxr.xyz
apt_unc6691
domain07f61.ncjqeyid.com
apt_unc6691
domain12cc.thqirrxu.com
apt_unc6691
domain9f0.ncjqeyid.com
apt_unc6691
domaina1b2.icu
apt_unc6691
domaina84.cjmekxr.xyz
apt_unc6691
domainadbmdomt.top
apt_unc6691
domainalbssssex1.com
apt_unc6691
domainalbssssex10.com
apt_unc6691
domainalbssssex2.com
apt_unc6691
domainalbssssex3.com
apt_unc6691
domainalbssssex4.com
apt_unc6691
domainalbssssex5.com
apt_unc6691
domainalbssssex6.com
apt_unc6691
domainalbssssex7.com
apt_unc6691
domainalbssssex8.com
apt_unc6691
domainalbssssex9.com
apt_unc6691
domainaoiqi.com
apt_unc6691
domainassetvanta.com
apt_unc6691
domainb4689.ncjqeyid.com
apt_unc6691
domainbgubt.com
apt_unc6691
domaincjmekxr.xyz
apt_unc6691
domaincnssssex1.com
apt_unc6691
domaincnssssex10.com
apt_unc6691
domaincnssssex2.com
apt_unc6691
domaincnssssex3.com
apt_unc6691
domaincnssssex4.com
apt_unc6691
domaincnssssex5.com
apt_unc6691
domaincnssssex7.com
apt_unc6691
domaincnssssex8.com
apt_unc6691
domaincnssssex9.com
apt_unc6691
domaincryptonews1.com
apt_unc6691
domaincryptonews2.com
apt_unc6691
domaincryptonews3.com
apt_unc6691
domaincryptonews4.com
apt_unc6691
domaincryptonews5.com
apt_unc6691
domaindemo.serve6688.com
apt_unc6691
domaindnmmo.com
apt_unc6691
domainen.assetvanta.com
apt_unc6691
domainen.vaultnoble.com
apt_unc6691
domainenssssex1.com
apt_unc6691
domainenssssex10.com
apt_unc6691
domainenssssex2.com
apt_unc6691
domainenssssex3.com
apt_unc6691
domainenssssex4.com
apt_unc6691
domainenssssex5.com
apt_unc6691
domainenssssex6.com
apt_unc6691
domainenssssex7.com
apt_unc6691
domainenssssex9.com
apt_unc6691
domainfltue.com
apt_unc6691
domainhk.assetvanta.com
apt_unc6691
domainhk.vaultnoble.com
apt_unc6691
domainhkcapitalsafe.com
apt_unc6691
domainhkfamilyasset.com
apt_unc6691
domainhkkeycontrol.com
apt_unc6691
domainhkkeycontrol.vip
apt_unc6691
domainhkprivateasset.com
apt_unc6691
domainhktradeharbor.com
apt_unc6691
domainhktrustadvisory.com
apt_unc6691
domainjpassetpreserve.com
apt_unc6691
domainjpfamilysecure.com
apt_unc6691
domainjptechshield.com
apt_unc6691
domainjptradingasset.com
apt_unc6691
domainjptrustadvisory.com
apt_unc6691
domainjpwealthguard.com
apt_unc6691
domainnaohgnw.com
apt_unc6691
domainncjqeyid.com
apt_unc6691
domainnew-style-luxury.com
apt_unc6691
domainnewsforcrypto1.com
apt_unc6691
domainnewsforcrypto2.com
apt_unc6691
domainnewsforcrypto3.com
apt_unc6691
domainnewsforcrypto4.com
apt_unc6691
domainnewsforcrypto5.com
apt_unc6691
domainnm.sod555.com
apt_unc6691
domainqvgbr.com
apt_unc6691
domainserve6688.com
apt_unc6691
domainsod555.com
apt_unc6691
domainthqirrxu.com
apt_unc6691
domaintvyuuuuce1.com
apt_unc6691
domaintvyuuuuce10.com
apt_unc6691
domaintvyuuuuce2.com
apt_unc6691
domaintvyuuuuce3.com
apt_unc6691
domaintvyuuuuce4.com
apt_unc6691
domaintvyuuuuce6.com
apt_unc6691
domaintvyuuuuce7.com
apt_unc6691
domaintvyuuuuce8.com
apt_unc6691
domaintvyuuuuce9.com
apt_unc6691
domaintw.assetvanta.com
apt_unc6691
domaintw.vaultnoble.com
apt_unc6691
domainvaultnoble.com
apt_unc6691
domainwd.cjmekxr.xyz
apt_unc6691
domainxw.ncjqeyid.com
apt_unc6691
domainy1.adbmdomt.top
apt_unc6691
domainataas.cl
apt_sandworm
domainchecksystem.nl
apt_sandworm
domaindeltaexchange.net
apt_sandworm
domainmscloudedge.com
apt_sandworm
domainsmartscreenua.com
apt_sandworm
domainxtreme-vision.net
apt_sandworm
domainapidocs.ataas.cl
apt_sandworm
domainovhphpmyadmin.xtreme-vision.net
apt_sandworm
domainanimalsviewstory.com
fakeapp
domainblogpostmessage.com
fakeapp
domaincreativecurrentmedia.com
fakeapp
domaindailydoodleart.com
fakeapp
domainoiedra.com
fakeapp
domainuoidsod.com
fakeapp
domainwandertalesblog.com
fakeapp
domaindopoboulogne.com
ek_clearfake
domainexcel-piscines.com
ek_clearfake
domainlandbankseeds.com
ek_clearfake
domainup2you37.fr
ek_clearfake
domainaxsiagent.com
osx_atomic
domainbeaocnagent.com
osx_atomic
domainblnedagent.com
osx_atomic
domainbnodagent.com
osx_atomic
domainbodlagent.com
osx_atomic
domainbrigthagent.com
osx_atomic
domainchianagent.com
osx_atomic
domaincleraagent.com
osx_atomic
domainclveeragent.com
osx_atomic
domaincodxeagent.com
osx_atomic
domaincoeragent.com
osx_atomic
domaincomteagent.com
osx_atomic
domainconenctagent.com
osx_atomic
domaincongiagent.com
osx_atomic
domaincosimcagent.com
osx_atomic
domaincurretagent.com
osx_atomic
domaincybreagent.com
osx_atomic
domaindeppagent.com
osx_atomic
domaindigiralagent.com
osx_atomic
domaindremaagent.com
osx_atomic
domainecnoagent.com
osx_atomic
domainfalsheagent.com
osx_atomic
domainflmaeagent.com
osx_atomic
domainflwoagent.com
osx_atomic
domainfuesagent.com
osx_atomic
domainglimemragent.com
osx_atomic
domainglwoagent.com
osx_atomic
domaingoelagent.com
osx_atomic
domaingrnadagent.com
osx_atomic
domaingylphagent.com
osx_atomic
domainhaertagent.com
osx_atomic
domainhavneagent.com
osx_atomic
domainhbubagent.com
osx_atomic
domainhelxiagent.com
osx_atomic
domainhmoeagent.com
osx_atomic
domainhoepagent.com
osx_atomic
domaininsihgtagent.com
osx_atomic
domainjionagent.com
osx_atomic
domainliefagent.com
osx_atomic
domainligthagent.com
osx_atomic
domainpms-pro.us
fakeapp
domainteams-downloadhub.com
fakeapp
domainteams-official.com
fakeapp
domainwindows-conference.com
fakeapp
domainofficial-teams-storage.com
fakeapp

Threat ID: 69c3f89bf4197a8e3b58cf35

Added to database: 3/25/2026, 3:00:43 PM

Last enriched: 5/10/2026, 2:23:38 AM

Last updated: 5/10/2026, 5:40:07 AM

Views: 664

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

External Links

Search on Google

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses