Reconnecting to live updates…

Maltrail IOC for 2026-04-07

Severity: mediumType: malware

AI Analysis

Technical Summary

The report details a Maltrail IOC dated April 7, 2026, sourced from CIRCL OSINT Feed, categorized under malware and network activity. It is tagged with medium threat level and is an unsupervised manual OSINT collection. There are no affected product versions or known exploits associated. No patch or remediation is available or applicable as this is an intelligence observation rather than a vulnerability.

Potential Impact

The impact is assessed as medium risk based on the source classification. There is no evidence of active exploitation or direct vulnerability affecting specific products. The IOC serves as a detection indicator for potential malicious network activity but does not describe a vulnerability or exploit with direct impact on systems.

Mitigation Recommendations

No patch or official remediation is available or required. Security teams should consider integrating this IOC into their detection and monitoring tools to identify related network activity. No urgent action is mandated by the vendor or source advisory.

Indicators of Compromise

url: https://api.github.com/repos/stamparm/maltrail/commits/e80d3fab22f4d3fc0c1ff37a51a0afe2ad3fc7fb
domain: 54mx4.com
url: https://api.github.com/repos/stamparm/maltrail/commits/400eac356c69beefd3b2edd58edb3777fcf1f576
domain: greensignal.vip
url: https://api.github.com/repos/stamparm/maltrail/commits/9efe67eeaa48b5f6d91e692f5620483a718c5f29
domain: admin.thotera.com
domain: autoconfig.thotera.com
url: https://api.github.com/repos/stamparm/maltrail/commits/d51204cdb47fac97375ba271d6bc255e93e97cd4
url: https://www.virustotal.com/gui/file/81e2a43a2e5ff619294d195aaaba2eb9c7d3d4bdbb19fce5adf262857a237fe5/detection
domain: polishswimgownsayjwui.shops
domain: stxarnavig.live
url: https://api.github.com/repos/stamparm/maltrail/commits/c5617a29e5221a268a23562657c1a779f35aeb3f
url: https://www.virustotal.com/gui/file/6c1450fdd81c480196863e6fe65af06d2024aef1adb9ab6074f16ba7fdfec83e/detection
domain: dynamiczl.lives
domain: polishswimgownsayjwui.shop
url: https://api.github.com/repos/stamparm/maltrail/commits/2db19b77daa44af51f50d09f9a189e9dc9676175
url: https://www.virustotal.com/gui/file/004691505ae774938b46b7191ea9f216b391c705eef3b86fec3c2921c75f54f0/detection
domain: dynamiczl.live
url: https://api.github.com/repos/stamparm/maltrail/commits/9b8f767c26ae802c5fb1b45840c2feb7e9ac62f5
url: https://www.virustotal.com/gui/file/243764069cc3793e4817a3dccb74a945f0e4a4dd41d87e67912f5359bbf62f16/detection
domain: boreholeconstruction.org
url: https://api.github.com/repos/stamparm/maltrail/commits/e03bef747a0c68a41154e46b2e0ad3eed5093fe8
domain: boardmagic.info
domain: countrypipe.space
domain: spoonducks.cfd
domain: toothdinosaurs.space
url: https://api.github.com/repos/stamparm/maltrail/commits/0ffa179007a3405628423f9729a5013f40b6efe7
ip: 102.220.91.114
ip: 154.12.91.171
ip: 45.205.2.56
url: https://api.github.com/repos/stamparm/maltrail/commits/96d0454171218ec6c5dada0acdfc37b84fec3557
domain: certif.cyou
domain: gooseg.cyou
domain: hidatt.cyou
domain: polecy.cyou
url: https://api.github.com/repos/stamparm/maltrail/commits/237ebf640040be7b2e06e6d29974e8f01379d130
url: https://www.virustotal.com/gui/file/1e1612621c12fa11bfa02e45eec71d55ad6e9850bd45005ba6f0b5d957c8f343/detection
url: https://www.virustotal.com/gui/file/48bc0ca70c2d1fea34ee60c818fa0fa1dc80cf8dc64182d9293888968d3857a0/detection
domain: st-images.socalpocis.org
url: https://api.github.com/repos/stamparm/maltrail/commits/67bccab87569c65186ae56b2c84c7d9a8afe7ac7
domain: blitomra.top
domain: bruvqqex.top
domain: bruxelti.top
domain: dreniko.top
domain: munqera.top
domain: qanivor.top
domain: qerunvax.top
domain: qlorexa.top
domain: ramvito.top
domain: tirqavem.top
domain: wexlunto.top
domain: zorpelix.top
url: https://api.github.com/repos/stamparm/maltrail/commits/5421ea0119991d970553c790289faa76d3978a9a
url: https://www.virustotal.com/gui/file/37721e6b938293cab3193367c9f53226baef67eb3b233c76aef376ad0ca42106/detection
ip: 48.222.9.8
url: https://api.github.com/repos/stamparm/maltrail/commits/68db47f74de85cd6d0a693b300174ec86abf5b52
domain: workbenche.com
domain: workbencn.com
domain: workbenech.com
url: https://api.github.com/repos/stamparm/maltrail/commits/777091c09fcbb5a37b9dd3976317140862b88dbe
domain: cleaf.uno
domain: deeliy.store
url: https://api.github.com/repos/stamparm/maltrail/commits/078da743485e63a4b23da153b193df6d6ae28ab0
domain: osminor.com
url: https://api.github.com/repos/stamparm/maltrail/commits/a4f47a8d01955d033ce0485c90cced1d939a74ac
domain: project-stor129585.pages.dev
domain: fukugyoulog.com
url: https://api.github.com/repos/stamparm/maltrail/commits/bf13f4e6ce94a0e52465b6f98c83188fdfea65c4
url: https://x.com/Fact_Finder03/status/2041413960940085524
domain: flagbrother.uk
url: https://api.github.com/repos/stamparm/maltrail/commits/c2515d7a57e43e2ca952cf413fd8a2ba5ccae67f
url: https://x.com/_SEAL_Org/status/2041289021503005128
domain: uk05live.us
url: https://api.github.com/repos/stamparm/maltrail/commits/34554bc365fc08983f153f9903b2f64e54aae362
url: https://x.com/ShanHolo/status/2041417789483708689
url: https://www.virustotal.com/gui/file/7766ba103dc56f1f6c0ee9fadeb0cfe79327a3264863dbed25dd7f37d9abe04a/detection
domain: grcoil.net
domain: mail.grcoil.net
url: https://api.github.com/repos/stamparm/maltrail/commits/0d4e94e4f97ccdac6a89ded74e11286717a931aa
url: https://x.com/Fact_Finder03/status/2041392682145374395
ip: 195.128.248.31
ip: 4.180.17.86
domain: exastealer.com
domain: api.exastealer.com
url: https://api.github.com/repos/stamparm/maltrail/commits/9f8ddec4db9fa3ac04e34de10d352af9fb48634e
url: https://x.com/whoamix302/status/2041107798575181983
ip: 193.181.214.66
url: https://api.github.com/repos/stamparm/maltrail/commits/78e679504a666b85db680c3021df2bd20ec0a413
url: https://x.com/Fact_Finder03/status/2041416508421849211
ip: 107.189.21.37
ip: 144.172.87.118
url: https://api.github.com/repos/stamparm/maltrail/commits/eeeda038a6485e1dbfd0b8cf6d9ef75360628488
url: https://x.com/smica83/status/2040192208138096669
domain: allianceoutboundalliance.info
domain: allianceoutboundbridge.info
domain: allianceoutboundcentral.info
domain: allianceoutboundcircle.info
domain: allianceoutboundcollaborate.info
domain: allianceoutboundconnect.info
domain: allianceoutboundedge.info
domain: allianceoutboundexperts.info
domain: allianceoutboundfusion.info
domain: allianceoutboundgroup.info
domain: allianceoutboundguide.info
domain: allianceoutboundhq.info
domain: allianceoutboundhub.info
domain: alliancesaleshub.info
domain: alliancesalesnet.info
domain: alliancesalesnetwork.info
domain: alliancesalespartners.info
domain: alliancesalesplus.info
domain: alliancesalesservices.info
domain: alliancesalessolutions.info
domain: alliancesalestools.info
domain: alliancesalesunity.info
domain: alliancesalesworks.info
domain: alliancesalesworld.info
domain: alliancesaleszone.info
domain: bestgrowthbridge.info
domain: bestgrowthcentral.info
domain: bestgrowthcircle.info
domain: bestgrowthcollaborate.info
domain: bestgrowthconnect.info
domain: bestgrowthedge.info
domain: bestgrowthexperts.info
domain: bestgrowthfusion.info
domain: bestgrowthgroup.info
domain: bestgrowthguide.info
domain: bestgrowthhq.info
domain: bestgrowthhub.info
domain: bestgrowthlab.info
domain: bestgrowthnet.info
domain: bestgrowthnetwork.info
domain: bestgrowthpartners.info
domain: bestgrowthplus.info
domain: bestgrowthservices.info
domain: bestgrowthsolutions.info
domain: bestgrowthtools.info
domain: bestgrowthunity.info
domain: bestgrowthworks.info
domain: bestgrowthworld.info
domain: bestgrowthzone.info
domain: bestsalesalliance.info
domain: bestsalesbridge.info
domain: bestsalescentral.info
domain: bestsalescircle.info
domain: bestsalescollaborate.info
domain: bestsalesedge.info
domain: bestsalesexperts.info
domain: bestsalesfusion.info
domain: bestsalesgroup.info
domain: bestsalesguide.info
domain: bestsaleshq.info
domain: bestsaleshub.info
domain: bestsaleslab.info
domain: bestsalesnet.info
domain: bizoutreachconnect.info
domain: bizoutreachgrowth.info
domain: bizoutreachhub.info
domain: bizoutreachnetwork.info
domain: bizoutreachpartners.info
domain: bizoutreachsynergy.info
domain: bizoutreachteam.info
domain: bizpartnersconnect.info
domain: bizpartnersgrowth.info
domain: bizpartnership.info
domain: bizpartnershub.info
domain: bizpartnersnetwork.info
domain: bizpartnerzone.info
domain: bizprogress.info
domain: bizscaling.info
domain: bizscope.info
domain: bizsuccessboost.info
domain: bizsuccessgroup.info
domain: bizsuccessgrow.info
domain: bizsuccesshub.info
domain: bizsuccessjoint.info
domain: bizsynergize.info
domain: bizsynergy.info
domain: bizsynergyconnect.info
domain: bizsynergygroup.info
domain: businessnetworkhub.info
domain: businessoutreach.info
domain: businesssynergyhub.info
domain: businessteamwork.info
domain: collabboost.info
domain: collabbridge.info
domain: collabconnectivity.info
domain: collabconnectnetwork.info
domain: collabconnectors.info
domain: collabfirm.info
domain: collabfirmconnect.info
domain: collabfirmgroup.info
domain: collabgrowconnect.info
domain: collabgrowfirm.info
domain: collabjoint.info
domain: collabjump.info
domain: collablink.info
domain: collabnetwork.info
domain: collabnetworkgrowth.info
domain: collabnetworksynergy.info
domain: collaboratebiz.info
domain: collaborateconnect.info
domain: collaborategrowth.info
domain: collaborategrowthhub.info
domain: collaboratehub.info
domain: collabteams.info
domain: collabteamwork.info
domain: collabventures.info
domain: collabventuresgrow.info
domain: collabzone.info
domain: connectadvance.info
domain: connectfirm.info
domain: connectfirmventures.info
domain: connectgrow.info
domain: connectgrowthhub.info
domain: connectgrowthnetwork.info
domain: connectioncollab.info
domain: connectionnetwork.info
domain: connectionpartners.info
domain: connectionpath.info
domain: connectionteam.info
domain: connectivitygrowth.info
domain: connectivityhub.info
domain: connectivitynet.info
domain: connectivityoutreach.info
domain: connectivitypartners.info
domain: connectivitysynergy.info
domain: connectjoint.info
domain: connectpartners.info
domain: connectpartnership.info
domain: connectsynergic.info
domain: connectsynergize.info
domain: connectsynergy.info
domain: connectsynergyhub.info
domain: connectteam.info
domain: expandconnect.info
domain: expandfirm.info
domain: expandjoint.info
domain: expandsynergy.info
domain: expandteam.info
domain: firmadvance.info
domain: firmboost.info
domain: firmboostjumpconnect.info
domain: firmboostventures.info
domain: firmbridge.info
domain: firmcollab.info
domain: firmconnect.info
domain: firmconnectgroup.info
domain: firmconnectgrow.info
domain: firmconnectivity.info
domain: firmconnectpath.info
domain: firmconnectscope.info
domain: firmconnectventures.info
domain: firmcrew.info
domain: firmcrewconnect.info
domain: jointgrowthcircle.info
domain: jointgrowthcollaborate.info
domain: jointgrowthconnect.info
domain: jointgrowthedge.info
domain: jointgrowthfusion.info
domain: jointgrowthgroup.info
domain: jointgrowthguide.info
domain: jointgrowthhq.info
domain: jointgrowthhub.info
domain: jointgrowthlab.info
domain: jointgrowthnet.info
domain: jointgrowthnetwork.info
domain: jointgrowthpartners.info
domain: jointgrowthplus.info
domain: jointgrowthservices.info
domain: jointgrowthsolutions.info
domain: jointgrowthtools.info
domain: jointgrowthunity.info
domain: jointgrowthworks.info
domain: jointgrowthworld.info
domain: jointgrowthzone.info
domain: maxgrowthalliance.info
domain: maxgrowthbridge.info
domain: maxgrowthcentral.info
domain: maxgrowthcircle.info
domain: outreachconnectivity.info
domain: outreachconnectors.info
domain: outreachdynamics.info
domain: outreachfirm.info
domain: outreachgrowthhub.info
domain: successgrow.info
domain: teamworkoutreach.info
domain: teamworkpartners.info
domain: teamworksynergies.info
domain: teamworksynergy.info
domain: teamworkzone.info
domain: teamzoneconnect.info
domain: teamzonegrow.info
domain: ventureboost.info
domain: venturecrew.info
domain: venturefirmconnect.info
domain: venturesgrowhub.info
domain: venturesgrowth.info
domain: venturesgrowthboost.info
domain: venturesgrowthfirm.info
domain: venturesjoint.info
domain: venturesjointconnect.info
domain: venturesuccess.info
domain: venturesuccesshub.info
domain: venturesuccesszone.info
url: https://api.github.com/repos/stamparm/maltrail/commits/ecf1024364539a067731e86daae4f97d7f8b43d1
domain: anotherkindofdrew.com
domain: astralpacketcore2.lat
domain: cosmicrelayhub2.homes
domain: cosmicrelayhub4.pics
domain: edgepointweb.buzz
domain: everydaygateweb.buzz
domain: fairfieldshop.buzz
domain: frontierbase.buzz
domain: genericflownet.buzz
domain: graystonehub.buzz
domain: hyperdatamesh3.mom
domain: neuralstreamcore2.mom
domain: orbitdatasync1.sbs
domain: orbitdatasync5.pics
domain: stellarnodehub2.baby
domain: stellarnodehub4.pics
domain: ultranodecluster1.lat
url: https://api.github.com/repos/stamparm/maltrail/commits/63bf4ea6c4196180433ec4170812ca00378291a4
domain: agentq.digital
domain: astralpacketcore1.cyou
domain: astralpacketcore1.lat
domain: astralpacketcore3.cyou
domain: astralpacketcore4.baby
domain: astralpacketcore5.mom
domain: astralpacketcore5.pics
domain: cosmicrelayhub1.pics
domain: cosmicrelayhub1.xyz
domain: cosmicrelayhub2.pics
domain: cosmicrelayhub3.baby
domain: cosmicrelayhub3.mom
domain: cosmicrelayhub3.pics
domain: cosmicrelayhub4.baby
domain: cosmicrelayhub4.cfd
domain: cosmicrelayhub5.lol
domain: dataprismcore2.cyou
domain: dataprismcore3.cfd
domain: fluxstoragehub4.sbs
domain: fluxstoragehub5.cyou
domain: fotbal247.com
domain: gumbollworks.com
domain: hyperdatamesh2.baby
domain: hyperdatamesh2.cyou
domain: hyperdatamesh2.lat
domain: hyperdatamesh3.xyz
domain: hyperdatamesh4.lat
domain: hyperdatamesh4.lol
domain: hyperdatamesh5.baby
domain: hyperdatamesh5.lat
domain: hyperdatamesh5.pics
domain: luxfork.com
domain: mmdemo.online
domain: moneycompasshq.com
domain: nebulasyncforge2.mom
domain: nebulasyncforge2.sbs
domain: nebulasyncforge3.cyou
domain: nebulasyncforge4.mom
domain: neuralstreamcore1.cfd
domain: neuralstreamcore1.mom
domain: neuralstreamcore1.pics
domain: neuralstreamcore1.xyz
domain: neuralstreamcore2.cyou
domain: neuralstreamcore2.homes
domain: neuralstreamcore2.lat
domain: neuralstreamcore2.lol
domain: neuralstreamcore2.sbs
domain: neuralstreamcore3.baby
domain: neuralstreamcore3.lol
domain: neuralstreamcore3.pics
domain: neuralstreamcore3.xyz
domain: neuralstreamcore4.cfd
domain: neuralstreamcore4.homes
domain: neuralstreamcore4.lol
domain: neuralstreamcore4.mom
domain: neuralstreamcore5.baby
domain: neuralstreamcore5.cfd
domain: neuralstreamcore5.xyz
domain: orbitdatasync1.cyou
domain: orbitdatasync1.homes
domain: orbitdatasync1.mom
domain: orbitdatasync2.cyou
domain: orbitdatasync2.lol
domain: orbitdatasync2.mom
domain: orbitdatasync2.pics
domain: orbitdatasync4.baby
domain: orbitdatasync4.mom
domain: orbitdatasync4.sbs
domain: orbitdatasync5.cfd
domain: orbitdatasync5.cyou
domain: orbitstreamvault1.cfd
domain: orbitstreamvault2.mom
domain: orbitstreamvault3.baby
domain: orbitstreamvault4.cfd
domain: orbitstreamvault4.pics
domain: pet-care-mastery.com
domain: quantumcachegrid1.cyou
domain: quantumcachegrid3.homes
domain: quantumcachegrid3.lol
domain: quantumcachegrid4.baby
domain: quantumcachegrid4.lat
domain: quantumcachegrid5.sbs
domain: quantumcachegrid5.xyz
domain: quantumfluxgrid1.lol
domain: quantumfluxgrid2.homes
domain: quantumfluxgrid2.mom
domain: quantumfluxgrid3.lat
domain: quantumfluxgrid3.pics
domain: quantumfluxgrid4.cyou
domain: quantumfluxgrid4.lat
domain: quantumfluxgrid4.lol
domain: quantumfluxgrid4.pics
domain: quantumfluxgrid4.sbs
domain: quantumfluxgrid5.cyou
domain: quantumfluxgrid5.sbs
domain: quantumfluxgrid5.xyz
domain: stellarbackupnode1.lat
domain: stellarbackupnode2.cfd
domain: stellarbackupnode3.cyou
domain: stellarbackupnode3.lat
domain: stellarbackupnode3.xyz
domain: stellarbackupnode4.mom
domain: stellarbackupnode5.homes
domain: stellarnodehub1.baby
domain: stellarnodehub1.cyou
domain: stellarnodehub2.xyz
domain: stellarnodehub3.baby
domain: stellarnodehub3.sbs
domain: stellarnodehub4.cfd
domain: stellarnodehub4.mom
domain: stellarnodehub5.cyou
domain: stellarnodehub5.mom
domain: stellarnodehub5.xyz
domain: ultranodecluster1.baby
domain: ultranodecluster1.pics
domain: ultranodecluster2.cyou
domain: ultranodecluster2.mom
domain: ultranodecluster2.sbs
domain: ultranodecluster3.cyou
domain: ultranodecluster4.cyou
domain: ultranodecluster4.mom
domain: ultranodecluster4.sbs
domain: ultranodecluster5.cfd
domain: ultranodecluster5.mom
domain: webvormgeving.com
url: https://api.github.com/repos/stamparm/maltrail/commits/cf3316b6e2c2b1a9f84c8ea335187850a95f05b9
url: https://x.com/abh1sek/status/2041160413778460947
domain: jsonkeeper.com
url: https://api.github.com/repos/stamparm/maltrail/commits/ec6d60c2c2db17d74118eb9b10aa5152ea6fee64
domain: airvoyagero.com
domain: anydomen.net
domain: kettlewhisper.icu
domain: msne.shop
domain: pauseinterior.xyz
domain: tubestore.digital
domain: 1l.domenpozh.net
domain: d5.tubestore.digital
domain: mail.pauseinterior.xyz
domain: y8.anydomen.net
url: https://api.github.com/repos/stamparm/maltrail/commits/9ccca12a3d438cd4817774e8e1ed4192c220b0f0
url: https://x.com/volrant136/status/2041165158139961381
domain: biglights.net
domain: new88top.com
url: https://api.github.com/repos/stamparm/maltrail/commits/7dc7163aa3d24de432c0007cd74c63f035fde359
domain: biskt.cloud
url: https://api.github.com/repos/stamparm/maltrail/commits/e1610be5466cc96a819b945a7118aff30a318646
domain: tg999.me
url: https://api.github.com/repos/stamparm/maltrail/commits/17ddbbfd69fa7ee3505a61da0a0cba74ba10b0f6
domain: 25vsikqn.easttea.in.net
domain: admin.tg999.me
domain: age-logic.lookyouthful.in.net
domain: amp-v1.amperelose.in.net
domain: anydomen.info
domain: artodigital.id
domain: autoconfig.nokfitwear.com.br
domain: autodiscover.apexdigitech.net
domain: autodiscover.donohosting.com
domain: autodiscover.incubolabs.com
domain: banne-shi.catflow.in.net
domain: big02.bigamyprogramm.in.net
domain: bin-monitor.recycleroach.in.net
domain: brain-scan.neurogrid.in.net
domain: buttonfrost.icu
domain: calc-engine.hammermathemat.in.net
domain: cedarclient.slowcube.in.net
domain: clea-line.inksky.in.net
domain: clearpane.sheetglass.in.net
domain: clevergeriatric.icu
domain: clip-ten.blowoff.in.net
domain: cloth-net.technofabric.in.net
domain: corvet-sync.corvetsynchron.in.net
domain: dbiecm.easttea.in.net
domain: deal-proxy.confoundsoldout.in.net
domain: depoff.flowwow.in.net
domain: design-v1.commundesign.in.net
domain: disc-v9.grimasdiscuss.in.net
domain: esaul-frostline.esaulsnow.in.net
domain: evegelenmasor.xyz
domain: evolution.plataformasai.com
domain: f6.rememberer.digital
domain: face-lift.lookyouthful.in.net
domain: fc.nextbridge.digital
domain: fi.opticforge.digital
domain: g0-data-z9.viametrica.in.net
domain: geo-p1levector.geodesistpile.in.net
domain: hnjutai.net
domain: hot-sauce.caliphsaucy.in.net
domain: hzrenxiao.com
domain: jycxjx.com
domain: kofcsacredhearttampa.org
domain: learn-gate.edunoppress.in.net
domain: maze-check.confoundsoldout.in.net
domain: measur0-mark.backyard.in.net
domain: mesh-cloud.technofabric.in.net
domain: mind-node.neurogrid.in.net
domain: musik.bio
domain: nmgixmc.catflow.in.net
domain: nocode.artodigital.id
domain: openclaw.flowsolo.app
domain: openpure.catflow.in.net
domain: palace-gate.caliphsaucy.in.net
domain: pixel-view.digiframe.in.net
domain: puzz-sync.confoundsoldout.in.net
domain: qvibhf.com
domain: rabbit-v1.rabbitfarm.in.net
domain: reage2-crest.darkboll.in.net
domain: riv3-node.catflat.in.net
domain: secure-key.cryptolayer.in.net
domain: sftpin.com
domain: snack-api.balkarbelyashi.in.net
domain: sorteio.orientefarma.com.br
domain: static-cdn.digiframe.in.net
domain: surveyrock.geodesistpile.in.net
domain: talk-sync.grimasdiscuss.in.net
domain: tanxionglouru.top
domain: tanxionglouru1.top
domain: tanxionglouru2.top
domain: tanxionglouru3.top
domain: tanxionglouru4.top
domain: tanxionglouru5.top
domain: tanxionglouru6.top
domain: tg999.pro
domain: tool-logic.hammermathemat.in.net
domain: tr4d3-sheet.flowwow.in.net
domain: uniatende.noai.com.br
domain: unifi.lan.devusercode.net
domain: w9m2kx.alaspasteur.in.net
domain: wash-logic.okiselwhiten.in.net
domain: weldoxis.in.net
domain: www.evegelenmasor.xyz
domain: www.musik.bio
domain: x5-gate-33.arcostruttura.in.net
domain: xinxinfiber.com
domain: xkiwkg.com
domain: yinshengjiuyu.top
domain: yinshengjiuyu0.top
domain: yinshengjiuyu1.top
domain: yinshengjiuyu2.top
domain: yinshengjiuyu3.top
domain: yinshengjiuyu5.top
domain: zc.xxacgyun.top
domain: swiftyswap.com
url: https://api.github.com/repos/stamparm/maltrail/commits/22e51b6c8fac3f4c739b768f64acb49b9a69cd80
url: https://x.com/smica83/status/2041269758151020655
url: https://tria.ge/260406-1gkbyafs6x/behavioral1
url: https://www.virustotal.com/gui/file/84b6ce21535041f998e7c21a0d426e8ffab18b7575313cc1b070b3f44db1225f/detection
domain: hongkongplazaworks.top
url: https://api.github.com/repos/stamparm/maltrail/commits/b2fd501e75785bc0b3e61f1565d8fda230d17a00
url: https://x.com/malwrhunterteam/status/2041443385647469056
url: https://www.virustotal.com/gui/file/252756d856eda174d3a18c0210a1861476ce7bf286472b91940914e0a6f506f5/detection
ip: 45.142.193.27
ip: 5.252.177.209
domain: ambitions.tech
domain: blockbaster.top
domain: elasysaresearch.biz
domain: goinsideit.com
domain: goinsideitmore.com
domain: gosidefastandpure.com
domain: homeshieldins.org
domain: mikabooks.com
domain: onboardingforzarace.com
domain: powerbioreceipt.com
domain: wingsidedev.monster
url: https://api.github.com/repos/stamparm/maltrail/commits/d7747eeb1b642d4c206132723fa9196fc9e4d508
url: https://x.com/suyog41/status/2041475268716773782
url: https://www.virustotal.com/gui/file/244aa0b040da62acec167007f35658c069df96117bd875005e674e0690e386c6/detection
url: https://www.virustotal.com/gui/file/0e67638a2d2187784a46bcb7d3a26ecda29fb1a0f9df1b4ab6537cf9a2e6aa2f/detection
ip: 185.246.223.75
url: https://api.github.com/repos/stamparm/maltrail/commits/a46d50facebca0d0e95ec6fcfcf5a874ef0f28b7
url: https://www.virustotal.com/gui/file/8f31c06c8e7ea9eb451bf26666ac4a958bb485b2a8b71feace1981633b116c92/detection
url: https://api.github.com/repos/stamparm/maltrail/commits/1723d86ce4eb249b54e695548e00345cdf2ff994
url: https://x.com/fbgwls245/status/2041333078518587563
domain: 6tdqqaxftvradka5d2frzgwixis7fmro7rfh4ettzcx7jfapkebe6jad.onion
url: https://api.github.com/repos/stamparm/maltrail/commits/412404c368f16f86251ca0dd951a26706ca602f6
url: https://x.com/smica83/status/2041480947896344875
url: https://tria.ge/260407-nrj3psgs31/behavioral1
url: https://www.virustotal.com/gui/file/4e718cb2e0972cbf7667b699c0ead3a76bdc9d4a194159e4e5b315cec362f089/detection
ip: 182.16.88.242
domain: vaeth.cn
url: https://api.github.com/repos/stamparm/maltrail/commits/4957e77b3522e23822689b1c263f7d66bd89fccb
url: https://x.com/smica83/status/2041479566724571468
domain: gem-mixed-expert-struct.trycloudflare.com
url: https://api.github.com/repos/stamparm/maltrail/commits/143e8c90d57ea024721e03d2bf8dc12451815e6f
url: https://x.com/sdcyberresearch/status/2041467751928131592
ip: 213.177.179.8
url: https://api.github.com/repos/stamparm/maltrail/commits/9914f05c88276cebf7a3a502f1e8980775cbb973
url: https://www.virustotal.com/gui/file/01a61df6707822b6fdf56ec5cf4a7e144c4b30d56e8ddc2b65577b24d5d4f49d/detection
ip: 103.130.214.71
url: https://api.github.com/repos/stamparm/maltrail/commits/4f3a217196293001ede41b0f594d20a9e5f951a3
domain: teak.gen.tr
url: https://api.github.com/repos/stamparm/maltrail/commits/4d95535806bf5f543380705f7a1732ed59b521a1
url: https://x.com/SansLimit3/status/2041247689736937776
url: https://www.virustotal.com/gui/file/2a0af4ecd6bf09b3fefd1c0c5a2e973bd6aee7877934cf80d3fb5c8bf0108810/detection
ip: 154.194.50.229
domain: 489483896l.top
domain: abp-tw6.top
domain: abrainbladtide.top
domain: addoins.top
domain: admin.fesst.top
domain: admin.rannkinmoneysc.top
domain: advancesc.top
domain: agqot2451.top
domain: akin.defencingm.top
domain: allforoons.top
domain: ap6w-tf4.top
domain: aphalxixpanel.top
domain: app.abrainbladtide.top
domain: app.busting0setup.top
domain: app.pinnnoplockzuz.top
domain: app.rnewamikol01.top
domain: appllus.top
domain: atbhu-25.top
domain: azhelp.top
domain: bizabizadealsvvi.top
domain: blinksings.top
domain: bookviriandeals.top
domain: bp6yr-79.top
domain: breenchwithoutborders.top
domain: bsupport.top
domain: buissine.top
domain: burffring.top
domain: busting0setup.top
domain: c63av-i8.top
domain: carecsj.top
domain: ccxpanelx.top
domain: cheaptousscreen.top
domain: chepoz.top
domain: connect-invite.top
domain: connectguru.top
domain: corematrixadmin.top
domain: crenmolate.top
domain: debugbuddybi.top
domain: defencingm.top
domain: demssz-nnow.top
domain: dentallifecoaching.top
domain: digitalconnectappuser.top
domain: dinsons.top
domain: dmcmd.top
domain: drclosermendeals71l.top
domain: drsol.top
domain: dzy.secureset.top
domain: emishop.top
domain: emistocks.top
domain: emptytolerance.top
domain: ep7e-3ed.top
domain: fesnings.top
domain: fesst.top
domain: fslkjhgfdd.top
domain: futummn.top
domain: getleets.top
domain: godpanel.top
domain: granitepeaknet.top
domain: greatmosts.top
domain: gronot.top
domain: gsmpro.top
domain: gtstore.top
domain: guce.blinksings.top
domain: hantfaconnect.top
domain: haskba.top
domain: helpbsl.top
domain: hiddenconsole.top
domain: hitpanel.top
domain: hk.secureset.top
domain: hkrabag.top
domain: holtvad.top
domain: homenmade.top
domain: hopics.top
domain: idpcare.top
domain: jamscreen.top
domain: jboi.top
domain: jdsfrw-11.top
domain: jellybot.top
domain: kailefoodsdeals.top
domain: kellyxxpanel.top
domain: lmf-93dy.top
domain: loveenin.top
domain: lzior-95a.top
domain: mainpatron.top
domain: mdr-xe4s.top
domain: mhrapanl.top
domain: myscreenfriend.top
domain: naturalpath.top
domain: natyiepanel.top
domain: neondebuggerbi.top
domain: nerdshubsavvy.top
domain: newtimfor.top
domain: nexusbackendsys.top
domain: obstrinitromanual.top
domain: offslinses.top
domain: oqtii2skreen.top
domain: orikori.orireofero.top
domain: orireofero.top
domain: owlxpc.top
domain: parlless.top
domain: pinnnoplockzuz.top
domain: potarucu.top
domain: rannkinmoneysc.top
domain: recordadaptersbiz.top
domain: reservservers.top
domain: retoup.top
domain: reywnotification.top
domain: rnewamikol01.top
domain: ruthl3ssw1zard.top
domain: scr90.top
domain: secure.obstrinitromanual.top
domain: secure.varfootball.top
domain: secureset.top
domain: signto.top
domain: snoopofthe.top
domain: stacks-sc.top
domain: stayingsan3.top
domain: stewise.top
domain: stocksmarket.top
domain: sukriopeap.top
domain: supersender.top
domain: support.snoopofthe.top
domain: thefixwizardbyte.top
domain: thelifechurchhomebas.top
domain: twirrewnss.top
domain: tzthelp.top
domain: udcare.top
domain: uniccloud.top
domain: uzvlive.top
domain: varfootball.top
domain: voxilate.top
domain: worydwidehuc.top
domain: wphelp.top
domain: yufuiosiwk.top
domain: zaza1sm1.top
domain: zcmpro.top
domain: ziy8-fd4.top
domain: zscrewssa.top
domain: zynthara.top
url: https://api.github.com/repos/stamparm/maltrail/commits/64213cdad82b338fa4ab4e32920af458ad247b68
url: https://api.github.com/repos/stamparm/maltrail/commits/49bb3d604550e408abe9ac2de4fb7416a7cea7e4
domain: millimanonlinelogin.go2omega.com
url: https://api.github.com/repos/stamparm/maltrail/commits/c801f96ed12a6d7dc7769fd3792dab4414f25fa2
domain: 9goooglemeetts.live
domain: descamisad.sbs
domain: nexttoconnekt.click
url: https://api.github.com/repos/stamparm/maltrail/commits/4127d3dcc3590c947a81bb869b6a24feac94a50d
domain: siteinsight.bond
domain: 9r.vc-whatsapp.hl.cn
domain: 9t.tg-whatsapp.hl.cn
domain: 9v.uh-whatsapp.hl.cn
domain: akmzr-whatsapp.com.cn
domain: axqtp-whatsapp.hl.cn
domain: axrqp-whatsapp.com.cn
domain: dzqvp-whatsapp.com.cn
domain: fqpmr-whatsapp.hl.cn
domain: fzqmr-whatsapp.com.cn
domain: gqvxt-whatsapp.com.cn
domain: kzpmr-whatsapp.hl.cn
domain: lmqxt-whatsapp.com.cn
domain: mlqzr-whatsapp.com.cn
domain: mqvtr-whatsapp.com.cn
domain: mxptr-whatsapp.com.cn
domain: mxqvr-whatsapp.com.cn
domain: pqvxm-whatsapp.com.cn
domain: rmxqt-whatsapp.com.cn
domain: rtzmq-whatsapp.com.cn
domain: tg-whatsapp.hl.cn
domain: uh-whatsapp.hl.cn
domain: vbqmr-whatsapp.hl.cn
domain: vc-whatsapp.hl.cn
domain: wss-akzwr-whatsapp.com.cn
domain: wss-bvkpa-whatsapp.com.cn
domain: wss-lmtrx-whatsapp.com.cn
domain: wss-lpmqr-whatsapp.com.cn
domain: wss-nqzrv-whatsapp.com.cn
domain: wss-pzlmx-whatsapp.com.cn
domain: wss-qrtxp-whatsapp.com.cn
domain: wss-rwkxm-whatsapp.com.cn
domain: wss-rxzma-whatsapp.com.cn
domain: wss-vmpxr-whatsapp.com.cn
domain: wss-wxkpt-whatsapp.com.cn
domain: wss-zpqva-whatsapp.com.cn
domain: zrkpm-whatsapp.hl.cn
url: https://api.github.com/repos/stamparm/maltrail/commits/203c726cef7a46f6ef47a9f174f9088222bf070e
url: https://www.netskope.com/blog/from-clickfix-to-maas-exposing-a-modular-windows-rat-and-its-admin-panel
url: https://github.com/netskopeoss/NetskopeThreatLabsIOCs/blob/main/Malware/NodeJS_MAAS/IOCs/README.md
domain: cloud-verificate.com
domain: yuhvgbzsa66biqeatbmdvfo5b5jjefcmz5t2vjuvco5qtdkshfpabyid.onion
url: https://api.github.com/repos/stamparm/maltrail/commits/9c196058e44957ac845f48589874712baf74a3dd
url: https://x.com/BushidoToken/status/2039303939347365989
url: https://www.team-cymru.com/post/yurei-double-extortion-ransomware-campaign-toolkit
ip: 44.210.101.86
ip: 44.223.40.182
url: https://api.github.com/repos/stamparm/maltrail/commits/b8e96294d745e0c0134aaa89002e5ca681920153
url: https://www.virustotal.com/gui/file/18f79e4032e8ad64ac4c25aed4f2e9e6e510582d45a6126b9184a307a9ca480a/detection
url: https://www.virustotal.com/gui/file/68829f1aaf370b9199d3b3ceb90ddb1516caef6582369aa4ca1740c7d617de70/detection
ip: 91.196.32.232
url: https://api.github.com/repos/stamparm/maltrail/commits/458d167fb7afd53510e539ef9d5cc2a55490772f
ip: 34.29.255.251
url: https://api.github.com/repos/stamparm/maltrail/commits/6c7a2663b26e3e41057ba658f235425e7272fec4
url: https://x.com/1ZRR4H/status/2041514871875932395
domain: google-meetingsnow.click
domain: google-meetingsnow.us
domain: googlemeet-meetings.us
domain: googlemeetmenow.us
domain: hollycanvas.xyz
domain: meeting-live.site
domain: googlemeet.meeting-live.site
domain: googlemeeting.meeting-live.site
domain: invite.hollycanvas.xyz
domain: mail.google-meetingsnow.us
domain: mail.googlemeet-meetings.us
domain: mail.googlemeetmenow.us
domain: meet.google-meetingsnow.us
url: https://api.github.com/repos/stamparm/maltrail/commits/82db040e5e00dd26b8763ad4e398671e39fac12d
url: https://safedep.io/malicious-npm-strapi-plugin-events-c2-agent
ip: 144.31.107.231
url: https://api.github.com/repos/stamparm/maltrail/commits/1a16f2ab1ff630c51244ad1cc8e4e0c7c0883b1b
url: https://x.com/miltinh0c/status/2041130081372852516
domain: blazingapss12.cfd
domain: blazingapss8.cfd
domain: yesjis.com
url: https://api.github.com/repos/stamparm/maltrail/commits/a75d4cbfc3ca5c353fb6d642818983780b2165d6
domain: instantmeeting.live
url: https://api.github.com/repos/stamparm/maltrail/commits/c97b4ce8d0232fa41ff26fab5cf32104f7897e4e
url: https://www.virustotal.com/gui/ip-address/91.92.243.168/relations
domain: podiat.cyou
domain: smeltd.cyou
url: https://api.github.com/repos/stamparm/maltrail/commits/a870a3af1ab1eafb4a8e0249cbc02cf4343f5154
url: https://x.com/ctrlaltintel/status/2041525537068232997
domain: 3commas.icu
domain: accessrecovery.info
domain: ai-game.us4web-zoom.com
domain: app.sypraf-group.com
domain: app.us01zoom.com
domain: app.us04zoom.com
domain: app.us4web-zoom.com
domain: aushomeaffairs.com
domain: awaresec.de
domain: bezirk-niderbayern.de
domain: brandeins-magazin.de
domain: broonerconstructionmeetings.com
domain: bsi-bund.info
domain: catatankerja.online
domain: chat.neoscribe.us
domain: checkthatout.com
domain: connect-zoom.info
domain: de06web.zoom.com.de
domain: devegas.fun
domain: eco-gear.us4web-zoom.com
domain: ensdomain.org
domain: epa2.de
domain: frankfurt-1.threeletters.tech
domain: ftp.checkthatout.com
domain: ftp.us04web-zoom.eu
domain: greenwayauto.sale
domain: hamwdeonf.xyz
domain: healthlinepulse.com
domain: hermes-holding-it.de
domain: huramovies.mov
domain: invitezoom.xyz
domain: ip54.ip-51-89-220.eu
domain: ipv6.srv541312.hstgr.cloud
domain: jmpconf.com
domain: join-meeting-invite-id-567765.nasbv.site
domain: kattenn.com
domain: kdga.be
domain: link.us4web-zoom.com
domain: livechatzoomsession.com
domain: mail.accessrecovery.info
domain: mail.srv541312.hstgr.cloud
domain: mail.us11webzoom.com
domain: mail.uswebmeetings06.com
domain: mail.uswebmeetingzoom03.com
domain: mail.uswebzoom03.com
domain: mail.zoommeets.us
domain: match.us4web-zoom.com
domain: meeting.rilara.workers.dev
domain: meetting.zoomus.work
domain: millies.pics.ngrok.pro
domain: ministeriumbw.de
domain: mw.zoorn.me
domain: my-zoom-meeting.us
domain: my-zoom.us
domain: mywebmeetingz.com
domain: naviprotocol.us
domain: nextvmserver.xyz
domain: ns1.smpawsumber.sch.id
domain: ns2.smpawsumber.sch.id
domain: opportunitypresentation.com
domain: postal-net.co.za
domain: private.zoomconnet.online
domain: realtimezoomsession.com
domain: recovery-coldcard.com
domain: rilara.workers.dev
domain: secure-zoom.com
domain: secure.solzerrealestate.com
domain: secure.us4web-zoom.com
domain: siemenshealth.eu
domain: smcn.edu.ar
domain: solzerrealestate.com
domain: srv541312.hstgr.cloud
domain: stadtverwaltung-bad-toelz.de
domain: sypraf-group.com
domain: test.us4web-zoom.com
domain: theagilepotato.com
domain: tiaodongdog.cloud
domain: us01zoom.com
domain: us02web-zoom-us-j-9898711911pwd-zuhaiunzlpctcrumlydjz09omn.pages.dev
domain: us03zoom.us
domain: us04web-zoom.eu
domain: us04zoom.com
domain: us06webs.com
domain: us07webszoom.us
domain: us11webzoom.com
domain: us38web.us
domain: us4web-zoom.com
domain: us80web-zoom.us
domain: us90web.us
domain: uswebmeetings06.com
domain: uswebmeetingzoom03.com
domain: uswebzoom03.com
domain: valannia.xyz
domain: voicetech.institute
domain: vw.voicetech.institute
domain: wc-42j.pages.dev
domain: web-updates.com
domain: web-zoom.cloud
domain: web-zoom.eu
domain: web.us4web-zoom.com
domain: web01shjfdxskljgvxdsfy.us.logfiles.help
domain: webdisk.srv541312.hstgr.cloud
domain: webmail.srv541312.hstgr.cloud
domain: webzoominvite05za.us
domain: webzoominvite05za.us.logfiles.help
domain: whm.srv541312.hstgr.cloud
domain: zoom-meet.info
domain: zoom-meeting.yhcyapi.com
domain: zoom-meetingnow.us
domain: zoom-metting.worktoolz.fun
domain: zoom-opy2wnlywlc7zqdhdhdeyjn1gnij3u.zk1x.com
domain: zoom-x2l120fe7yq3t0.jigrayco.com
domain: zoom.awaresec.de
domain: zoom.bayern-lda.de
domain: zoom.beta.dataviberpm.com
domain: zoom.brandeins-magazin.de
domain: zoom.ciudadanos-cs.org
domain: zoom.das-reha-portal.de
domain: zoom.datavibe.com
domain: zoom.epa2.de
domain: zoom.flilx.cn
domain: zoom.icon-league.de
domain: zoom.institution-medizin.de
domain: zoom.jenbunk.com
domain: zoom.maoffers.net
domain: zoom.markt-gapa.de
domain: zoom.ministeriumbw.de
domain: zoom.oberbayern-bezirk.de
domain: zoom.themovie.group
domain: zoom.us.who3.info
domain: zoom.us38web.us
domain: zoom.us4web-zoom.com
domain: zoom.us90web.us
domain: zoomcalls.xyz
domain: zoomconnet.online
domain: zoommeets.us
domain: zoomupgrade.com
domain: zooom-cal-imvite-zoom-session.org
domain: zoooomm.it.com
domain: zooooom.it.com
domain: zoorn.me

Maltrail IOC for 2026-04-07

Severity: medium

Type: malware

Maltrail IOC for 2026-04-07

Technical Summary

Potential Impact

Mitigation Recommendations

Indicators of Compromise

url: https://api.github.com/repos/stamparm/maltrail/commits/e80d3fab22f4d3fc0c1ff37a51a0afe2ad3fc7fb
domain: 54mx4.com
url: https://api.github.com/repos/stamparm/maltrail/commits/400eac356c69beefd3b2edd58edb3777fcf1f576
domain: greensignal.vip
url: https://api.github.com/repos/stamparm/maltrail/commits/9efe67eeaa48b5f6d91e692f5620483a718c5f29
domain: admin.thotera.com
domain: autoconfig.thotera.com
url: https://api.github.com/repos/stamparm/maltrail/commits/d51204cdb47fac97375ba271d6bc255e93e97cd4
url: https://www.virustotal.com/gui/file/81e2a43a2e5ff619294d195aaaba2eb9c7d3d4bdbb19fce5adf262857a237fe5/detection
domain: polishswimgownsayjwui.shops
domain: stxarnavig.live
url: https://api.github.com/repos/stamparm/maltrail/commits/c5617a29e5221a268a23562657c1a779f35aeb3f
url: https://www.virustotal.com/gui/file/6c1450fdd81c480196863e6fe65af06d2024aef1adb9ab6074f16ba7fdfec83e/detection
domain: dynamiczl.lives
domain: polishswimgownsayjwui.shop
url: https://api.github.com/repos/stamparm/maltrail/commits/2db19b77daa44af51f50d09f9a189e9dc9676175
url: https://www.virustotal.com/gui/file/004691505ae774938b46b7191ea9f216b391c705eef3b86fec3c2921c75f54f0/detection
domain: dynamiczl.live
url: https://api.github.com/repos/stamparm/maltrail/commits/9b8f767c26ae802c5fb1b45840c2feb7e9ac62f5
url: https://www.virustotal.com/gui/file/243764069cc3793e4817a3dccb74a945f0e4a4dd41d87e67912f5359bbf62f16/detection
domain: boreholeconstruction.org
url: https://api.github.com/repos/stamparm/maltrail/commits/e03bef747a0c68a41154e46b2e0ad3eed5093fe8
domain: boardmagic.info
domain: countrypipe.space
domain: spoonducks.cfd
domain: toothdinosaurs.space
url: https://api.github.com/repos/stamparm/maltrail/commits/0ffa179007a3405628423f9729a5013f40b6efe7
ip: 102.220.91.114
ip: 154.12.91.171
ip: 45.205.2.56
url: https://api.github.com/repos/stamparm/maltrail/commits/96d0454171218ec6c5dada0acdfc37b84fec3557
domain: certif.cyou
domain: gooseg.cyou
domain: hidatt.cyou
domain: polecy.cyou
url: https://api.github.com/repos/stamparm/maltrail/commits/237ebf640040be7b2e06e6d29974e8f01379d130
url: https://www.virustotal.com/gui/file/1e1612621c12fa11bfa02e45eec71d55ad6e9850bd45005ba6f0b5d957c8f343/detection
url: https://www.virustotal.com/gui/file/48bc0ca70c2d1fea34ee60c818fa0fa1dc80cf8dc64182d9293888968d3857a0/detection
domain: st-images.socalpocis.org
url: https://api.github.com/repos/stamparm/maltrail/commits/67bccab87569c65186ae56b2c84c7d9a8afe7ac7
domain: blitomra.top
domain: bruvqqex.top
domain: bruxelti.top
domain: dreniko.top
domain: munqera.top
domain: qanivor.top
domain: qerunvax.top
domain: qlorexa.top
domain: ramvito.top
domain: tirqavem.top
domain: wexlunto.top
domain: zorpelix.top
url: https://api.github.com/repos/stamparm/maltrail/commits/5421ea0119991d970553c790289faa76d3978a9a
url: https://www.virustotal.com/gui/file/37721e6b938293cab3193367c9f53226baef67eb3b233c76aef376ad0ca42106/detection
ip: 48.222.9.8
url: https://api.github.com/repos/stamparm/maltrail/commits/68db47f74de85cd6d0a693b300174ec86abf5b52
domain: workbenche.com
domain: workbencn.com
domain: workbenech.com
url: https://api.github.com/repos/stamparm/maltrail/commits/777091c09fcbb5a37b9dd3976317140862b88dbe
domain: cleaf.uno
domain: deeliy.store
url: https://api.github.com/repos/stamparm/maltrail/commits/078da743485e63a4b23da153b193df6d6ae28ab0
domain: osminor.com
url: https://api.github.com/repos/stamparm/maltrail/commits/a4f47a8d01955d033ce0485c90cced1d939a74ac
domain: project-stor129585.pages.dev
domain: fukugyoulog.com
url: https://api.github.com/repos/stamparm/maltrail/commits/bf13f4e6ce94a0e52465b6f98c83188fdfea65c4
url: https://x.com/Fact_Finder03/status/2041413960940085524
domain: flagbrother.uk
url: https://api.github.com/repos/stamparm/maltrail/commits/c2515d7a57e43e2ca952cf413fd8a2ba5ccae67f
url: https://x.com/_SEAL_Org/status/2041289021503005128
domain: uk05live.us
url: https://api.github.com/repos/stamparm/maltrail/commits/34554bc365fc08983f153f9903b2f64e54aae362
url: https://x.com/ShanHolo/status/2041417789483708689
url: https://www.virustotal.com/gui/file/7766ba103dc56f1f6c0ee9fadeb0cfe79327a3264863dbed25dd7f37d9abe04a/detection
domain: grcoil.net
domain: mail.grcoil.net
url: https://api.github.com/repos/stamparm/maltrail/commits/0d4e94e4f97ccdac6a89ded74e11286717a931aa
url: https://x.com/Fact_Finder03/status/2041392682145374395
ip: 195.128.248.31
ip: 4.180.17.86
domain: exastealer.com
domain: api.exastealer.com
url: https://api.github.com/repos/stamparm/maltrail/commits/9f8ddec4db9fa3ac04e34de10d352af9fb48634e
url: https://x.com/whoamix302/status/2041107798575181983
ip: 193.181.214.66
url: https://api.github.com/repos/stamparm/maltrail/commits/78e679504a666b85db680c3021df2bd20ec0a413
url: https://x.com/Fact_Finder03/status/2041416508421849211
ip: 107.189.21.37
ip: 144.172.87.118
url: https://api.github.com/repos/stamparm/maltrail/commits/eeeda038a6485e1dbfd0b8cf6d9ef75360628488
url: https://x.com/smica83/status/2040192208138096669
domain: allianceoutboundalliance.info
domain: allianceoutboundbridge.info
domain: allianceoutboundcentral.info
domain: allianceoutboundcircle.info
domain: allianceoutboundcollaborate.info
domain: allianceoutboundconnect.info
domain: allianceoutboundedge.info
domain: allianceoutboundexperts.info
domain: allianceoutboundfusion.info
domain: allianceoutboundgroup.info
domain: allianceoutboundguide.info
domain: allianceoutboundhq.info
domain: allianceoutboundhub.info
domain: alliancesaleshub.info
domain: alliancesalesnet.info
domain: alliancesalesnetwork.info
domain: alliancesalespartners.info
domain: alliancesalesplus.info
domain: alliancesalesservices.info
domain: alliancesalessolutions.info
domain: alliancesalestools.info
domain: alliancesalesunity.info
domain: alliancesalesworks.info
domain: alliancesalesworld.info
domain: alliancesaleszone.info
domain: bestgrowthbridge.info
domain: bestgrowthcentral.info
domain: bestgrowthcircle.info
domain: bestgrowthcollaborate.info
domain: bestgrowthconnect.info
domain: bestgrowthedge.info
domain: bestgrowthexperts.info
domain: bestgrowthfusion.info
domain: bestgrowthgroup.info
domain: bestgrowthguide.info
domain: bestgrowthhq.info
domain: bestgrowthhub.info
domain: bestgrowthlab.info
domain: bestgrowthnet.info
domain: bestgrowthnetwork.info
domain: bestgrowthpartners.info
domain: bestgrowthplus.info
domain: bestgrowthservices.info
domain: bestgrowthsolutions.info
domain: bestgrowthtools.info
domain: bestgrowthunity.info
domain: bestgrowthworks.info
domain: bestgrowthworld.info
domain: bestgrowthzone.info
domain: bestsalesalliance.info
domain: bestsalesbridge.info
domain: bestsalescentral.info
domain: bestsalescircle.info
domain: bestsalescollaborate.info
domain: bestsalesedge.info
domain: bestsalesexperts.info
domain: bestsalesfusion.info
domain: bestsalesgroup.info
domain: bestsalesguide.info
domain: bestsaleshq.info
domain: bestsaleshub.info
domain: bestsaleslab.info
domain: bestsalesnet.info
domain: bizoutreachconnect.info
domain: bizoutreachgrowth.info
domain: bizoutreachhub.info
domain: bizoutreachnetwork.info
domain: bizoutreachpartners.info
domain: bizoutreachsynergy.info
domain: bizoutreachteam.info
domain: bizpartnersconnect.info
domain: bizpartnersgrowth.info
domain: bizpartnership.info
domain: bizpartnershub.info
domain: bizpartnersnetwork.info
domain: bizpartnerzone.info
domain: bizprogress.info
domain: bizscaling.info
domain: bizscope.info
domain: bizsuccessboost.info
domain: bizsuccessgroup.info
domain: bizsuccessgrow.info
domain: bizsuccesshub.info
domain: bizsuccessjoint.info
domain: bizsynergize.info
domain: bizsynergy.info
domain: bizsynergyconnect.info
domain: bizsynergygroup.info
domain: businessnetworkhub.info
domain: businessoutreach.info
domain: businesssynergyhub.info
domain: businessteamwork.info
domain: collabboost.info
domain: collabbridge.info
domain: collabconnectivity.info
domain: collabconnectnetwork.info
domain: collabconnectors.info
domain: collabfirm.info
domain: collabfirmconnect.info
domain: collabfirmgroup.info
domain: collabgrowconnect.info
domain: collabgrowfirm.info
domain: collabjoint.info
domain: collabjump.info
domain: collablink.info
domain: collabnetwork.info
domain: collabnetworkgrowth.info
domain: collabnetworksynergy.info
domain: collaboratebiz.info
domain: collaborateconnect.info
domain: collaborategrowth.info
domain: collaborategrowthhub.info
domain: collaboratehub.info
domain: collabteams.info
domain: collabteamwork.info
domain: collabventures.info
domain: collabventuresgrow.info
domain: collabzone.info
domain: connectadvance.info
domain: connectfirm.info
domain: connectfirmventures.info
domain: connectgrow.info
domain: connectgrowthhub.info
domain: connectgrowthnetwork.info
domain: connectioncollab.info
domain: connectionnetwork.info
domain: connectionpartners.info
domain: connectionpath.info
domain: connectionteam.info
domain: connectivitygrowth.info
domain: connectivityhub.info
domain: connectivitynet.info
domain: connectivityoutreach.info
domain: connectivitypartners.info
domain: connectivitysynergy.info
domain: connectjoint.info
domain: connectpartners.info
domain: connectpartnership.info
domain: connectsynergic.info
domain: connectsynergize.info
domain: connectsynergy.info
domain: connectsynergyhub.info
domain: connectteam.info
domain: expandconnect.info
domain: expandfirm.info
domain: expandjoint.info
domain: expandsynergy.info
domain: expandteam.info
domain: firmadvance.info
domain: firmboost.info
domain: firmboostjumpconnect.info
domain: firmboostventures.info
domain: firmbridge.info
domain: firmcollab.info
domain: firmconnect.info
domain: firmconnectgroup.info
domain: firmconnectgrow.info
domain: firmconnectivity.info
domain: firmconnectpath.info
domain: firmconnectscope.info
domain: firmconnectventures.info
domain: firmcrew.info
domain: firmcrewconnect.info
domain: jointgrowthcircle.info
domain: jointgrowthcollaborate.info
domain: jointgrowthconnect.info
domain: jointgrowthedge.info
domain: jointgrowthfusion.info
domain: jointgrowthgroup.info
domain: jointgrowthguide.info
domain: jointgrowthhq.info
domain: jointgrowthhub.info
domain: jointgrowthlab.info
domain: jointgrowthnet.info
domain: jointgrowthnetwork.info
domain: jointgrowthpartners.info
domain: jointgrowthplus.info
domain: jointgrowthservices.info
domain: jointgrowthsolutions.info
domain: jointgrowthtools.info
domain: jointgrowthunity.info
domain: jointgrowthworks.info
domain: jointgrowthworld.info
domain: jointgrowthzone.info
domain: maxgrowthalliance.info
domain: maxgrowthbridge.info
domain: maxgrowthcentral.info
domain: maxgrowthcircle.info
domain: outreachconnectivity.info
domain: outreachconnectors.info
domain: outreachdynamics.info
domain: outreachfirm.info
domain: outreachgrowthhub.info
domain: successgrow.info
domain: teamworkoutreach.info
domain: teamworkpartners.info
domain: teamworksynergies.info
domain: teamworksynergy.info
domain: teamworkzone.info
domain: teamzoneconnect.info
domain: teamzonegrow.info
domain: ventureboost.info
domain: venturecrew.info
domain: venturefirmconnect.info
domain: venturesgrowhub.info
domain: venturesgrowth.info
domain: venturesgrowthboost.info
domain: venturesgrowthfirm.info
domain: venturesjoint.info
domain: venturesjointconnect.info
domain: venturesuccess.info
domain: venturesuccesshub.info
domain: venturesuccesszone.info
url: https://api.github.com/repos/stamparm/maltrail/commits/ecf1024364539a067731e86daae4f97d7f8b43d1
domain: anotherkindofdrew.com
domain: astralpacketcore2.lat
domain: cosmicrelayhub2.homes
domain: cosmicrelayhub4.pics
domain: edgepointweb.buzz
domain: everydaygateweb.buzz
domain: fairfieldshop.buzz
domain: frontierbase.buzz
domain: genericflownet.buzz
domain: graystonehub.buzz
domain: hyperdatamesh3.mom
domain: neuralstreamcore2.mom
domain: orbitdatasync1.sbs
domain: orbitdatasync5.pics
domain: stellarnodehub2.baby
domain: stellarnodehub4.pics
domain: ultranodecluster1.lat
url: https://api.github.com/repos/stamparm/maltrail/commits/63bf4ea6c4196180433ec4170812ca00378291a4
domain: agentq.digital
domain: astralpacketcore1.cyou
domain: astralpacketcore1.lat
domain: astralpacketcore3.cyou
domain: astralpacketcore4.baby
domain: astralpacketcore5.mom
domain: astralpacketcore5.pics
domain: cosmicrelayhub1.pics
domain: cosmicrelayhub1.xyz
domain: cosmicrelayhub2.pics
domain: cosmicrelayhub3.baby
domain: cosmicrelayhub3.mom
domain: cosmicrelayhub3.pics
domain: cosmicrelayhub4.baby
domain: cosmicrelayhub4.cfd
domain: cosmicrelayhub5.lol
domain: dataprismcore2.cyou
domain: dataprismcore3.cfd
domain: fluxstoragehub4.sbs
domain: fluxstoragehub5.cyou
domain: fotbal247.com
domain: gumbollworks.com
domain: hyperdatamesh2.baby
domain: hyperdatamesh2.cyou
domain: hyperdatamesh2.lat
domain: hyperdatamesh3.xyz
domain: hyperdatamesh4.lat
domain: hyperdatamesh4.lol
domain: hyperdatamesh5.baby
domain: hyperdatamesh5.lat
domain: hyperdatamesh5.pics
domain: luxfork.com
domain: mmdemo.online
domain: moneycompasshq.com
domain: nebulasyncforge2.mom
domain: nebulasyncforge2.sbs
domain: nebulasyncforge3.cyou
domain: nebulasyncforge4.mom
domain: neuralstreamcore1.cfd
domain: neuralstreamcore1.mom
domain: neuralstreamcore1.pics
domain: neuralstreamcore1.xyz
domain: neuralstreamcore2.cyou
domain: neuralstreamcore2.homes
domain: neuralstreamcore2.lat
domain: neuralstreamcore2.lol
domain: neuralstreamcore2.sbs
domain: neuralstreamcore3.baby
domain: neuralstreamcore3.lol
domain: neuralstreamcore3.pics
domain: neuralstreamcore3.xyz
domain: neuralstreamcore4.cfd
domain: neuralstreamcore4.homes
domain: neuralstreamcore4.lol
domain: neuralstreamcore4.mom
domain: neuralstreamcore5.baby
domain: neuralstreamcore5.cfd
domain: neuralstreamcore5.xyz
domain: orbitdatasync1.cyou
domain: orbitdatasync1.homes
domain: orbitdatasync1.mom
domain: orbitdatasync2.cyou
domain: orbitdatasync2.lol
domain: orbitdatasync2.mom
domain: orbitdatasync2.pics
domain: orbitdatasync4.baby
domain: orbitdatasync4.mom
domain: orbitdatasync4.sbs
domain: orbitdatasync5.cfd
domain: orbitdatasync5.cyou
domain: orbitstreamvault1.cfd
domain: orbitstreamvault2.mom
domain: orbitstreamvault3.baby
domain: orbitstreamvault4.cfd
domain: orbitstreamvault4.pics
domain: pet-care-mastery.com
domain: quantumcachegrid1.cyou
domain: quantumcachegrid3.homes
domain: quantumcachegrid3.lol
domain: quantumcachegrid4.baby
domain: quantumcachegrid4.lat
domain: quantumcachegrid5.sbs
domain: quantumcachegrid5.xyz
domain: quantumfluxgrid1.lol
domain: quantumfluxgrid2.homes
domain: quantumfluxgrid2.mom
domain: quantumfluxgrid3.lat
domain: quantumfluxgrid3.pics
domain: quantumfluxgrid4.cyou
domain: quantumfluxgrid4.lat
domain: quantumfluxgrid4.lol
domain: quantumfluxgrid4.pics
domain: quantumfluxgrid4.sbs
domain: quantumfluxgrid5.cyou
domain: quantumfluxgrid5.sbs
domain: quantumfluxgrid5.xyz
domain: stellarbackupnode1.lat
domain: stellarbackupnode2.cfd
domain: stellarbackupnode3.cyou
domain: stellarbackupnode3.lat
domain: stellarbackupnode3.xyz
domain: stellarbackupnode4.mom
domain: stellarbackupnode5.homes
domain: stellarnodehub1.baby
domain: stellarnodehub1.cyou
domain: stellarnodehub2.xyz
domain: stellarnodehub3.baby
domain: stellarnodehub3.sbs
domain: stellarnodehub4.cfd
domain: stellarnodehub4.mom
domain: stellarnodehub5.cyou
domain: stellarnodehub5.mom
domain: stellarnodehub5.xyz
domain: ultranodecluster1.baby
domain: ultranodecluster1.pics
domain: ultranodecluster2.cyou
domain: ultranodecluster2.mom
domain: ultranodecluster2.sbs
domain: ultranodecluster3.cyou
domain: ultranodecluster4.cyou
domain: ultranodecluster4.mom
domain: ultranodecluster4.sbs
domain: ultranodecluster5.cfd
domain: ultranodecluster5.mom
domain: webvormgeving.com
url: https://api.github.com/repos/stamparm/maltrail/commits/cf3316b6e2c2b1a9f84c8ea335187850a95f05b9
url: https://x.com/abh1sek/status/2041160413778460947
domain: jsonkeeper.com
url: https://api.github.com/repos/stamparm/maltrail/commits/ec6d60c2c2db17d74118eb9b10aa5152ea6fee64
domain: airvoyagero.com
domain: anydomen.net
domain: kettlewhisper.icu
domain: msne.shop
domain: pauseinterior.xyz
domain: tubestore.digital
domain: 1l.domenpozh.net
domain: d5.tubestore.digital
domain: mail.pauseinterior.xyz
domain: y8.anydomen.net
url: https://api.github.com/repos/stamparm/maltrail/commits/9ccca12a3d438cd4817774e8e1ed4192c220b0f0
url: https://x.com/volrant136/status/2041165158139961381
domain: biglights.net
domain: new88top.com
url: https://api.github.com/repos/stamparm/maltrail/commits/7dc7163aa3d24de432c0007cd74c63f035fde359
domain: biskt.cloud
url: https://api.github.com/repos/stamparm/maltrail/commits/e1610be5466cc96a819b945a7118aff30a318646
domain: tg999.me
url: https://api.github.com/repos/stamparm/maltrail/commits/17ddbbfd69fa7ee3505a61da0a0cba74ba10b0f6
domain: 25vsikqn.easttea.in.net
domain: admin.tg999.me
domain: age-logic.lookyouthful.in.net
domain: amp-v1.amperelose.in.net
domain: anydomen.info
domain: artodigital.id
domain: autoconfig.nokfitwear.com.br
domain: autodiscover.apexdigitech.net
domain: autodiscover.donohosting.com
domain: autodiscover.incubolabs.com
domain: banne-shi.catflow.in.net
domain: big02.bigamyprogramm.in.net
domain: bin-monitor.recycleroach.in.net
domain: brain-scan.neurogrid.in.net
domain: buttonfrost.icu
domain: calc-engine.hammermathemat.in.net
domain: cedarclient.slowcube.in.net
domain: clea-line.inksky.in.net
domain: clearpane.sheetglass.in.net
domain: clevergeriatric.icu
domain: clip-ten.blowoff.in.net
domain: cloth-net.technofabric.in.net
domain: corvet-sync.corvetsynchron.in.net
domain: dbiecm.easttea.in.net
domain: deal-proxy.confoundsoldout.in.net
domain: depoff.flowwow.in.net
domain: design-v1.commundesign.in.net
domain: disc-v9.grimasdiscuss.in.net
domain: esaul-frostline.esaulsnow.in.net
domain: evegelenmasor.xyz
domain: evolution.plataformasai.com
domain: f6.rememberer.digital
domain: face-lift.lookyouthful.in.net
domain: fc.nextbridge.digital
domain: fi.opticforge.digital
domain: g0-data-z9.viametrica.in.net
domain: geo-p1levector.geodesistpile.in.net
domain: hnjutai.net
domain: hot-sauce.caliphsaucy.in.net
domain: hzrenxiao.com
domain: jycxjx.com
domain: kofcsacredhearttampa.org
domain: learn-gate.edunoppress.in.net
domain: maze-check.confoundsoldout.in.net
domain: measur0-mark.backyard.in.net
domain: mesh-cloud.technofabric.in.net
domain: mind-node.neurogrid.in.net
domain: musik.bio
domain: nmgixmc.catflow.in.net
domain: nocode.artodigital.id
domain: openclaw.flowsolo.app
domain: openpure.catflow.in.net
domain: palace-gate.caliphsaucy.in.net
domain: pixel-view.digiframe.in.net
domain: puzz-sync.confoundsoldout.in.net
domain: qvibhf.com
domain: rabbit-v1.rabbitfarm.in.net
domain: reage2-crest.darkboll.in.net
domain: riv3-node.catflat.in.net
domain: secure-key.cryptolayer.in.net
domain: sftpin.com
domain: snack-api.balkarbelyashi.in.net
domain: sorteio.orientefarma.com.br
domain: static-cdn.digiframe.in.net
domain: surveyrock.geodesistpile.in.net
domain: talk-sync.grimasdiscuss.in.net
domain: tanxionglouru.top
domain: tanxionglouru1.top
domain: tanxionglouru2.top
domain: tanxionglouru3.top
domain: tanxionglouru4.top
domain: tanxionglouru5.top
domain: tanxionglouru6.top
domain: tg999.pro
domain: tool-logic.hammermathemat.in.net
domain: tr4d3-sheet.flowwow.in.net
domain: uniatende.noai.com.br
domain: unifi.lan.devusercode.net
domain: w9m2kx.alaspasteur.in.net
domain: wash-logic.okiselwhiten.in.net
domain: weldoxis.in.net
domain: www.evegelenmasor.xyz
domain: www.musik.bio
domain: x5-gate-33.arcostruttura.in.net
domain: xinxinfiber.com
domain: xkiwkg.com
domain: yinshengjiuyu.top
domain: yinshengjiuyu0.top
domain: yinshengjiuyu1.top
domain: yinshengjiuyu2.top
domain: yinshengjiuyu3.top
domain: yinshengjiuyu5.top
domain: zc.xxacgyun.top
domain: swiftyswap.com
url: https://api.github.com/repos/stamparm/maltrail/commits/22e51b6c8fac3f4c739b768f64acb49b9a69cd80
url: https://x.com/smica83/status/2041269758151020655
url: https://tria.ge/260406-1gkbyafs6x/behavioral1
url: https://www.virustotal.com/gui/file/84b6ce21535041f998e7c21a0d426e8ffab18b7575313cc1b070b3f44db1225f/detection
domain: hongkongplazaworks.top
url: https://api.github.com/repos/stamparm/maltrail/commits/b2fd501e75785bc0b3e61f1565d8fda230d17a00
url: https://x.com/malwrhunterteam/status/2041443385647469056
url: https://www.virustotal.com/gui/file/252756d856eda174d3a18c0210a1861476ce7bf286472b91940914e0a6f506f5/detection
ip: 45.142.193.27
ip: 5.252.177.209
domain: ambitions.tech
domain: blockbaster.top
domain: elasysaresearch.biz
domain: goinsideit.com
domain: goinsideitmore.com
domain: gosidefastandpure.com
domain: homeshieldins.org
domain: mikabooks.com
domain: onboardingforzarace.com
domain: powerbioreceipt.com
domain: wingsidedev.monster
url: https://api.github.com/repos/stamparm/maltrail/commits/d7747eeb1b642d4c206132723fa9196fc9e4d508
url: https://x.com/suyog41/status/2041475268716773782
url: https://www.virustotal.com/gui/file/244aa0b040da62acec167007f35658c069df96117bd875005e674e0690e386c6/detection
url: https://www.virustotal.com/gui/file/0e67638a2d2187784a46bcb7d3a26ecda29fb1a0f9df1b4ab6537cf9a2e6aa2f/detection
ip: 185.246.223.75
url: https://api.github.com/repos/stamparm/maltrail/commits/a46d50facebca0d0e95ec6fcfcf5a874ef0f28b7
url: https://www.virustotal.com/gui/file/8f31c06c8e7ea9eb451bf26666ac4a958bb485b2a8b71feace1981633b116c92/detection
url: https://api.github.com/repos/stamparm/maltrail/commits/1723d86ce4eb249b54e695548e00345cdf2ff994
url: https://x.com/fbgwls245/status/2041333078518587563
domain: 6tdqqaxftvradka5d2frzgwixis7fmro7rfh4ettzcx7jfapkebe6jad.onion
url: https://api.github.com/repos/stamparm/maltrail/commits/412404c368f16f86251ca0dd951a26706ca602f6
url: https://x.com/smica83/status/2041480947896344875
url: https://tria.ge/260407-nrj3psgs31/behavioral1
url: https://www.virustotal.com/gui/file/4e718cb2e0972cbf7667b699c0ead3a76bdc9d4a194159e4e5b315cec362f089/detection
ip: 182.16.88.242
domain: vaeth.cn
url: https://api.github.com/repos/stamparm/maltrail/commits/4957e77b3522e23822689b1c263f7d66bd89fccb
url: https://x.com/smica83/status/2041479566724571468
domain: gem-mixed-expert-struct.trycloudflare.com
url: https://api.github.com/repos/stamparm/maltrail/commits/143e8c90d57ea024721e03d2bf8dc12451815e6f
url: https://x.com/sdcyberresearch/status/2041467751928131592
ip: 213.177.179.8
url: https://api.github.com/repos/stamparm/maltrail/commits/9914f05c88276cebf7a3a502f1e8980775cbb973
url: https://www.virustotal.com/gui/file/01a61df6707822b6fdf56ec5cf4a7e144c4b30d56e8ddc2b65577b24d5d4f49d/detection
ip: 103.130.214.71
url: https://api.github.com/repos/stamparm/maltrail/commits/4f3a217196293001ede41b0f594d20a9e5f951a3
domain: teak.gen.tr
url: https://api.github.com/repos/stamparm/maltrail/commits/4d95535806bf5f543380705f7a1732ed59b521a1
url: https://x.com/SansLimit3/status/2041247689736937776
url: https://www.virustotal.com/gui/file/2a0af4ecd6bf09b3fefd1c0c5a2e973bd6aee7877934cf80d3fb5c8bf0108810/detection
ip: 154.194.50.229
domain: 489483896l.top
domain: abp-tw6.top
domain: abrainbladtide.top
domain: addoins.top
domain: admin.fesst.top
domain: admin.rannkinmoneysc.top
domain: advancesc.top
domain: agqot2451.top
domain: akin.defencingm.top
domain: allforoons.top
domain: ap6w-tf4.top
domain: aphalxixpanel.top
domain: app.abrainbladtide.top
domain: app.busting0setup.top
domain: app.pinnnoplockzuz.top
domain: app.rnewamikol01.top
domain: appllus.top
domain: atbhu-25.top
domain: azhelp.top
domain: bizabizadealsvvi.top
domain: blinksings.top
domain: bookviriandeals.top
domain: bp6yr-79.top
domain: breenchwithoutborders.top
domain: bsupport.top
domain: buissine.top
domain: burffring.top
domain: busting0setup.top
domain: c63av-i8.top
domain: carecsj.top
domain: ccxpanelx.top
domain: cheaptousscreen.top
domain: chepoz.top
domain: connect-invite.top
domain: connectguru.top
domain: corematrixadmin.top
domain: crenmolate.top
domain: debugbuddybi.top
domain: defencingm.top
domain: demssz-nnow.top
domain: dentallifecoaching.top
domain: digitalconnectappuser.top
domain: dinsons.top
domain: dmcmd.top
domain: drclosermendeals71l.top
domain: drsol.top
domain: dzy.secureset.top
domain: emishop.top
domain: emistocks.top
domain: emptytolerance.top
domain: ep7e-3ed.top
domain: fesnings.top
domain: fesst.top
domain: fslkjhgfdd.top
domain: futummn.top
domain: getleets.top
domain: godpanel.top
domain: granitepeaknet.top
domain: greatmosts.top
domain: gronot.top
domain: gsmpro.top
domain: gtstore.top
domain: guce.blinksings.top
domain: hantfaconnect.top
domain: haskba.top
domain: helpbsl.top
domain: hiddenconsole.top
domain: hitpanel.top
domain: hk.secureset.top
domain: hkrabag.top
domain: holtvad.top
domain: homenmade.top
domain: hopics.top
domain: idpcare.top
domain: jamscreen.top
domain: jboi.top
domain: jdsfrw-11.top
domain: jellybot.top
domain: kailefoodsdeals.top
domain: kellyxxpanel.top
domain: lmf-93dy.top
domain: loveenin.top
domain: lzior-95a.top
domain: mainpatron.top
domain: mdr-xe4s.top
domain: mhrapanl.top
domain: myscreenfriend.top
domain: naturalpath.top
domain: natyiepanel.top
domain: neondebuggerbi.top
domain: nerdshubsavvy.top
domain: newtimfor.top
domain: nexusbackendsys.top
domain: obstrinitromanual.top
domain: offslinses.top
domain: oqtii2skreen.top
domain: orikori.orireofero.top
domain: orireofero.top
domain: owlxpc.top
domain: parlless.top
domain: pinnnoplockzuz.top
domain: potarucu.top
domain: rannkinmoneysc.top
domain: recordadaptersbiz.top
domain: reservservers.top
domain: retoup.top
domain: reywnotification.top
domain: rnewamikol01.top
domain: ruthl3ssw1zard.top
domain: scr90.top
domain: secure.obstrinitromanual.top
domain: secure.varfootball.top
domain: secureset.top
domain: signto.top
domain: snoopofthe.top
domain: stacks-sc.top
domain: stayingsan3.top
domain: stewise.top
domain: stocksmarket.top
domain: sukriopeap.top
domain: supersender.top
domain: support.snoopofthe.top
domain: thefixwizardbyte.top
domain: thelifechurchhomebas.top
domain: twirrewnss.top
domain: tzthelp.top
domain: udcare.top
domain: uniccloud.top
domain: uzvlive.top
domain: varfootball.top
domain: voxilate.top
domain: worydwidehuc.top
domain: wphelp.top
domain: yufuiosiwk.top
domain: zaza1sm1.top
domain: zcmpro.top
domain: ziy8-fd4.top
domain: zscrewssa.top
domain: zynthara.top
url: https://api.github.com/repos/stamparm/maltrail/commits/64213cdad82b338fa4ab4e32920af458ad247b68
url: https://api.github.com/repos/stamparm/maltrail/commits/49bb3d604550e408abe9ac2de4fb7416a7cea7e4
domain: millimanonlinelogin.go2omega.com
url: https://api.github.com/repos/stamparm/maltrail/commits/c801f96ed12a6d7dc7769fd3792dab4414f25fa2
domain: 9goooglemeetts.live
domain: descamisad.sbs
domain: nexttoconnekt.click
url: https://api.github.com/repos/stamparm/maltrail/commits/4127d3dcc3590c947a81bb869b6a24feac94a50d
domain: siteinsight.bond
domain: 9r.vc-whatsapp.hl.cn
domain: 9t.tg-whatsapp.hl.cn
domain: 9v.uh-whatsapp.hl.cn
domain: akmzr-whatsapp.com.cn
domain: axqtp-whatsapp.hl.cn
domain: axrqp-whatsapp.com.cn
domain: dzqvp-whatsapp.com.cn
domain: fqpmr-whatsapp.hl.cn
domain: fzqmr-whatsapp.com.cn
domain: gqvxt-whatsapp.com.cn
domain: kzpmr-whatsapp.hl.cn
domain: lmqxt-whatsapp.com.cn
domain: mlqzr-whatsapp.com.cn
domain: mqvtr-whatsapp.com.cn
domain: mxptr-whatsapp.com.cn
domain: mxqvr-whatsapp.com.cn
domain: pqvxm-whatsapp.com.cn
domain: rmxqt-whatsapp.com.cn
domain: rtzmq-whatsapp.com.cn
domain: tg-whatsapp.hl.cn
domain: uh-whatsapp.hl.cn
domain: vbqmr-whatsapp.hl.cn
domain: vc-whatsapp.hl.cn
domain: wss-akzwr-whatsapp.com.cn
domain: wss-bvkpa-whatsapp.com.cn
domain: wss-lmtrx-whatsapp.com.cn
domain: wss-lpmqr-whatsapp.com.cn
domain: wss-nqzrv-whatsapp.com.cn
domain: wss-pzlmx-whatsapp.com.cn
domain: wss-qrtxp-whatsapp.com.cn
domain: wss-rwkxm-whatsapp.com.cn
domain: wss-rxzma-whatsapp.com.cn
domain: wss-vmpxr-whatsapp.com.cn
domain: wss-wxkpt-whatsapp.com.cn
domain: wss-zpqva-whatsapp.com.cn
domain: zrkpm-whatsapp.hl.cn
url: https://api.github.com/repos/stamparm/maltrail/commits/203c726cef7a46f6ef47a9f174f9088222bf070e
url: https://www.netskope.com/blog/from-clickfix-to-maas-exposing-a-modular-windows-rat-and-its-admin-panel
url: https://github.com/netskopeoss/NetskopeThreatLabsIOCs/blob/main/Malware/NodeJS_MAAS/IOCs/README.md
domain: cloud-verificate.com
domain: yuhvgbzsa66biqeatbmdvfo5b5jjefcmz5t2vjuvco5qtdkshfpabyid.onion
url: https://api.github.com/repos/stamparm/maltrail/commits/9c196058e44957ac845f48589874712baf74a3dd
url: https://x.com/BushidoToken/status/2039303939347365989
url: https://www.team-cymru.com/post/yurei-double-extortion-ransomware-campaign-toolkit
ip: 44.210.101.86
ip: 44.223.40.182
url: https://api.github.com/repos/stamparm/maltrail/commits/b8e96294d745e0c0134aaa89002e5ca681920153
url: https://www.virustotal.com/gui/file/18f79e4032e8ad64ac4c25aed4f2e9e6e510582d45a6126b9184a307a9ca480a/detection
url: https://www.virustotal.com/gui/file/68829f1aaf370b9199d3b3ceb90ddb1516caef6582369aa4ca1740c7d617de70/detection
ip: 91.196.32.232
url: https://api.github.com/repos/stamparm/maltrail/commits/458d167fb7afd53510e539ef9d5cc2a55490772f
ip: 34.29.255.251
url: https://api.github.com/repos/stamparm/maltrail/commits/6c7a2663b26e3e41057ba658f235425e7272fec4
url: https://x.com/1ZRR4H/status/2041514871875932395
domain: google-meetingsnow.click
domain: google-meetingsnow.us
domain: googlemeet-meetings.us
domain: googlemeetmenow.us
domain: hollycanvas.xyz
domain: meeting-live.site
domain: googlemeet.meeting-live.site
domain: googlemeeting.meeting-live.site
domain: invite.hollycanvas.xyz
domain: mail.google-meetingsnow.us
domain: mail.googlemeet-meetings.us
domain: mail.googlemeetmenow.us
domain: meet.google-meetingsnow.us
url: https://api.github.com/repos/stamparm/maltrail/commits/82db040e5e00dd26b8763ad4e398671e39fac12d
url: https://safedep.io/malicious-npm-strapi-plugin-events-c2-agent
ip: 144.31.107.231
url: https://api.github.com/repos/stamparm/maltrail/commits/1a16f2ab1ff630c51244ad1cc8e4e0c7c0883b1b
url: https://x.com/miltinh0c/status/2041130081372852516
domain: blazingapss12.cfd
domain: blazingapss8.cfd
domain: yesjis.com
url: https://api.github.com/repos/stamparm/maltrail/commits/a75d4cbfc3ca5c353fb6d642818983780b2165d6
domain: instantmeeting.live
url: https://api.github.com/repos/stamparm/maltrail/commits/c97b4ce8d0232fa41ff26fab5cf32104f7897e4e
url: https://www.virustotal.com/gui/ip-address/91.92.243.168/relations
domain: podiat.cyou
domain: smeltd.cyou
url: https://api.github.com/repos/stamparm/maltrail/commits/a870a3af1ab1eafb4a8e0249cbc02cf4343f5154
url: https://x.com/ctrlaltintel/status/2041525537068232997
domain: 3commas.icu
domain: accessrecovery.info
domain: ai-game.us4web-zoom.com
domain: app.sypraf-group.com
domain: app.us01zoom.com
domain: app.us04zoom.com
domain: app.us4web-zoom.com
domain: aushomeaffairs.com
domain: awaresec.de
domain: bezirk-niderbayern.de
domain: brandeins-magazin.de
domain: broonerconstructionmeetings.com
domain: bsi-bund.info
domain: catatankerja.online
domain: chat.neoscribe.us
domain: checkthatout.com
domain: connect-zoom.info
domain: de06web.zoom.com.de
domain: devegas.fun
domain: eco-gear.us4web-zoom.com
domain: ensdomain.org
domain: epa2.de
domain: frankfurt-1.threeletters.tech
domain: ftp.checkthatout.com
domain: ftp.us04web-zoom.eu
domain: greenwayauto.sale
domain: hamwdeonf.xyz
domain: healthlinepulse.com
domain: hermes-holding-it.de
domain: huramovies.mov
domain: invitezoom.xyz
domain: ip54.ip-51-89-220.eu
domain: ipv6.srv541312.hstgr.cloud
domain: jmpconf.com
domain: join-meeting-invite-id-567765.nasbv.site
domain: kattenn.com
domain: kdga.be
domain: link.us4web-zoom.com
domain: livechatzoomsession.com
domain: mail.accessrecovery.info
domain: mail.srv541312.hstgr.cloud
domain: mail.us11webzoom.com
domain: mail.uswebmeetings06.com
domain: mail.uswebmeetingzoom03.com
domain: mail.uswebzoom03.com
domain: mail.zoommeets.us
domain: match.us4web-zoom.com
domain: meeting.rilara.workers.dev
domain: meetting.zoomus.work
domain: millies.pics.ngrok.pro
domain: ministeriumbw.de
domain: mw.zoorn.me
domain: my-zoom-meeting.us
domain: my-zoom.us
domain: mywebmeetingz.com
domain: naviprotocol.us
domain: nextvmserver.xyz
domain: ns1.smpawsumber.sch.id
domain: ns2.smpawsumber.sch.id
domain: opportunitypresentation.com
domain: postal-net.co.za
domain: private.zoomconnet.online
domain: realtimezoomsession.com
domain: recovery-coldcard.com
domain: rilara.workers.dev
domain: secure-zoom.com
domain: secure.solzerrealestate.com
domain: secure.us4web-zoom.com
domain: siemenshealth.eu
domain: smcn.edu.ar
domain: solzerrealestate.com
domain: srv541312.hstgr.cloud
domain: stadtverwaltung-bad-toelz.de
domain: sypraf-group.com
domain: test.us4web-zoom.com
domain: theagilepotato.com
domain: tiaodongdog.cloud
domain: us01zoom.com
domain: us02web-zoom-us-j-9898711911pwd-zuhaiunzlpctcrumlydjz09omn.pages.dev
domain: us03zoom.us
domain: us04web-zoom.eu
domain: us04zoom.com
domain: us06webs.com
domain: us07webszoom.us
domain: us11webzoom.com
domain: us38web.us
domain: us4web-zoom.com
domain: us80web-zoom.us
domain: us90web.us
domain: uswebmeetings06.com
domain: uswebmeetingzoom03.com
domain: uswebzoom03.com
domain: valannia.xyz
domain: voicetech.institute
domain: vw.voicetech.institute
domain: wc-42j.pages.dev
domain: web-updates.com
domain: web-zoom.cloud
domain: web-zoom.eu
domain: web.us4web-zoom.com
domain: web01shjfdxskljgvxdsfy.us.logfiles.help
domain: webdisk.srv541312.hstgr.cloud
domain: webmail.srv541312.hstgr.cloud
domain: webzoominvite05za.us
domain: webzoominvite05za.us.logfiles.help
domain: whm.srv541312.hstgr.cloud
domain: zoom-meet.info
domain: zoom-meeting.yhcyapi.com
domain: zoom-meetingnow.us
domain: zoom-metting.worktoolz.fun
domain: zoom-opy2wnlywlc7zqdhdhdeyjn1gnij3u.zk1x.com
domain: zoom-x2l120fe7yq3t0.jigrayco.com
domain: zoom.awaresec.de
domain: zoom.bayern-lda.de
domain: zoom.beta.dataviberpm.com
domain: zoom.brandeins-magazin.de
domain: zoom.ciudadanos-cs.org
domain: zoom.das-reha-portal.de
domain: zoom.datavibe.com
domain: zoom.epa2.de
domain: zoom.flilx.cn
domain: zoom.icon-league.de
domain: zoom.institution-medizin.de
domain: zoom.jenbunk.com
domain: zoom.maoffers.net
domain: zoom.markt-gapa.de
domain: zoom.ministeriumbw.de
domain: zoom.oberbayern-bezirk.de
domain: zoom.themovie.group
domain: zoom.us.who3.info
domain: zoom.us38web.us
domain: zoom.us4web-zoom.com
domain: zoom.us90web.us
domain: zoomcalls.xyz
domain: zoomconnet.online
domain: zoommeets.us
domain: zoomupgrade.com
domain: zooom-cal-imvite-zoom-session.org
domain: zoooomm.it.com
domain: zooooom.it.com
domain: zoorn.me

Source: CIRCL OSINT Feed

Published: Mon Apr 06 2026

Maltrail IOC for 2026-04-07

Medium

Malwaretlp:clear malware misp:threat-level="medium-risk"misp:event-type="observation"misp:automation-level="unsupervised"type:osint osint:lifetime="perpetual"osint:source-type="manual-collection"

Published: Mon Apr 06 2026 (04/06/2026, 00:00:00 UTC)

Source: CIRCL OSINT Feed

Vendor/Project: tlp

Product: clear

Description

Maltrail IOC for 2026-04-07

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 04/07/2026, 17:46:07 UTC

Technical Analysis

Potential Impact

Mitigation Recommendations

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Uuid: e4635f7f-a3e2-4b68-932b-44411b27ae88
Original Timestamp: 1775577631

Indicators of Compromise

Url

Value	Description	Copy
urlhttps://api.github.com/repos/stamparm/maltrail/commits/e80d3fab22f4d3fc0c1ff37a51a0afe2ad3fc7fb	apt_unc6691
urlhttps://api.github.com/repos/stamparm/maltrail/commits/400eac356c69beefd3b2edd58edb3777fcf1f576	adaptix_c2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/9efe67eeaa48b5f6d91e692f5620483a718c5f29	hak5cloud_c2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/d51204cdb47fac97375ba271d6bc255e93e97cd4	lummac2
urlhttps://www.virustotal.com/gui/file/81e2a43a2e5ff619294d195aaaba2eb9c7d3d4bdbb19fce5adf262857a237fe5/detection	lummac2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/c5617a29e5221a268a23562657c1a779f35aeb3f	lummac2
urlhttps://www.virustotal.com/gui/file/6c1450fdd81c480196863e6fe65af06d2024aef1adb9ab6074f16ba7fdfec83e/detection	lummac2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/2db19b77daa44af51f50d09f9a189e9dc9676175	lummac2
urlhttps://www.virustotal.com/gui/file/004691505ae774938b46b7191ea9f216b391c705eef3b86fec3c2921c75f54f0/detection	lummac2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/9b8f767c26ae802c5fb1b45840c2feb7e9ac62f5	lummac2
urlhttps://www.virustotal.com/gui/file/243764069cc3793e4817a3dccb74a945f0e4a4dd41d87e67912f5359bbf62f16/detection	lummac2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/e03bef747a0c68a41154e46b2e0ad3eed5093fe8	offloader
urlhttps://api.github.com/repos/stamparm/maltrail/commits/0ffa179007a3405628423f9729a5013f40b6efe7	supershell_c2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/96d0454171218ec6c5dada0acdfc37b84fec3557	lummac2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/237ebf640040be7b2e06e6d29974e8f01379d130	ta569
urlhttps://www.virustotal.com/gui/file/1e1612621c12fa11bfa02e45eec71d55ad6e9850bd45005ba6f0b5d957c8f343/detection	ta569
urlhttps://www.virustotal.com/gui/file/48bc0ca70c2d1fea34ee60c818fa0fa1dc80cf8dc64182d9293888968d3857a0/detection	ta569
urlhttps://api.github.com/repos/stamparm/maltrail/commits/67bccab87569c65186ae56b2c84c7d9a8afe7ac7	ek_zphp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/5421ea0119991d970553c790289faa76d3978a9a	powershell_injector
urlhttps://www.virustotal.com/gui/file/37721e6b938293cab3193367c9f53226baef67eb3b233c76aef376ad0ca42106/detection	powershell_injector
urlhttps://api.github.com/repos/stamparm/maltrail/commits/68db47f74de85cd6d0a693b300174ec86abf5b52	apt_unc2465
urlhttps://api.github.com/repos/stamparm/maltrail/commits/777091c09fcbb5a37b9dd3976317140862b88dbe	android_joker
urlhttps://api.github.com/repos/stamparm/maltrail/commits/078da743485e63a4b23da153b193df6d6ae28ab0	microstealer
urlhttps://api.github.com/repos/stamparm/maltrail/commits/a4f47a8d01955d033ce0485c90cced1d939a74ac	osx_atomic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/bf13f4e6ce94a0e52465b6f98c83188fdfea65c4	flag
urlhttps://x.com/Fact_Finder03/status/2041413960940085524	flag
urlhttps://api.github.com/repos/stamparm/maltrail/commits/c2515d7a57e43e2ca952cf413fd8a2ba5ccae67f	apt_bluenoroff
urlhttps://x.com/_SEAL_Org/status/2041289021503005128	apt_bluenoroff
urlhttps://api.github.com/repos/stamparm/maltrail/commits/34554bc365fc08983f153f9903b2f64e54aae362	powershell_injector
urlhttps://x.com/ShanHolo/status/2041417789483708689	powershell_injector
urlhttps://www.virustotal.com/gui/file/7766ba103dc56f1f6c0ee9fadeb0cfe79327a3264863dbed25dd7f37d9abe04a/detection	powershell_injector
urlhttps://api.github.com/repos/stamparm/maltrail/commits/0d4e94e4f97ccdac6a89ded74e11286717a931aa	exa
urlhttps://x.com/Fact_Finder03/status/2041392682145374395	exa
urlhttps://api.github.com/repos/stamparm/maltrail/commits/9f8ddec4db9fa3ac04e34de10d352af9fb48634e	aurac2
urlhttps://x.com/whoamix302/status/2041107798575181983	aurac2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/78e679504a666b85db680c3021df2bd20ec0a413	blackteam
urlhttps://x.com/Fact_Finder03/status/2041416508421849211	blackteam
urlhttps://api.github.com/repos/stamparm/maltrail/commits/eeeda038a6485e1dbfd0b8cf6d9ef75360628488	generic
urlhttps://x.com/smica83/status/2040192208138096669	generic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/ecf1024364539a067731e86daae4f97d7f8b43d1	osx_atomic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/63bf4ea6c4196180433ec4170812ca00378291a4	osx_atomic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/cf3316b6e2c2b1a9f84c8ea335187850a95f05b9	hacked_npmrepos
urlhttps://x.com/abh1sek/status/2041160413778460947	hacked_npmrepos
urlhttps://api.github.com/repos/stamparm/maltrail/commits/ec6d60c2c2db17d74118eb9b10aa5152ea6fee64	osx_atomic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/9ccca12a3d438cd4817774e8e1ed4192c220b0f0	osx_atomic
urlhttps://x.com/volrant136/status/2041165158139961381	osx_atomic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/7dc7163aa3d24de432c0007cd74c63f035fde359	android_joker
urlhttps://api.github.com/repos/stamparm/maltrail/commits/e1610be5466cc96a819b945a7118aff30a318646	ek_clearfake
urlhttps://api.github.com/repos/stamparm/maltrail/commits/17ddbbfd69fa7ee3505a61da0a0cba74ba10b0f6	ek_clearfake
urlhttps://api.github.com/repos/stamparm/maltrail/commits/22e51b6c8fac3f4c739b768f64acb49b9a69cd80	maskgram
urlhttps://x.com/smica83/status/2041269758151020655	maskgram
urlhttps://tria.ge/260406-1gkbyafs6x/behavioral1	maskgram
urlhttps://www.virustotal.com/gui/file/84b6ce21535041f998e7c21a0d426e8ffab18b7575313cc1b070b3f44db1225f/detection	maskgram
urlhttps://api.github.com/repos/stamparm/maltrail/commits/b2fd501e75785bc0b3e61f1565d8fda230d17a00	netsupport
urlhttps://x.com/malwrhunterteam/status/2041443385647469056	netsupport
urlhttps://www.virustotal.com/gui/file/252756d856eda174d3a18c0210a1861476ce7bf286472b91940914e0a6f506f5/detection	netsupport
urlhttps://api.github.com/repos/stamparm/maltrail/commits/d7747eeb1b642d4c206132723fa9196fc9e4d508	yanisma
urlhttps://x.com/suyog41/status/2041475268716773782	yanisma
urlhttps://www.virustotal.com/gui/file/244aa0b040da62acec167007f35658c069df96117bd875005e674e0690e386c6/detection	yanisma
urlhttps://www.virustotal.com/gui/file/0e67638a2d2187784a46bcb7d3a26ecda29fb1a0f9df1b4ab6537cf9a2e6aa2f/detection	yanisma
urlhttps://api.github.com/repos/stamparm/maltrail/commits/a46d50facebca0d0e95ec6fcfcf5a874ef0f28b7	quasarrat
urlhttps://www.virustotal.com/gui/file/8f31c06c8e7ea9eb451bf26666ac4a958bb485b2a8b71feace1981633b116c92/detection	quasarrat
urlhttps://api.github.com/repos/stamparm/maltrail/commits/1723d86ce4eb249b54e695548e00345cdf2ff994	audit_ransomware
urlhttps://x.com/fbgwls245/status/2041333078518587563	audit_ransomware
urlhttps://api.github.com/repos/stamparm/maltrail/commits/412404c368f16f86251ca0dd951a26706ca602f6	gh0strat
urlhttps://x.com/smica83/status/2041480947896344875	gh0strat
urlhttps://tria.ge/260407-nrj3psgs31/behavioral1	gh0strat
urlhttps://www.virustotal.com/gui/file/4e718cb2e0972cbf7667b699c0ead3a76bdc9d4a194159e4e5b315cec362f089/detection	gh0strat
urlhttps://api.github.com/repos/stamparm/maltrail/commits/4957e77b3522e23822689b1c263f7d66bd89fccb	generic
urlhttps://x.com/smica83/status/2041479566724571468	generic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/143e8c90d57ea024721e03d2bf8dc12451815e6f	magentocore
urlhttps://x.com/sdcyberresearch/status/2041467751928131592	magentocore
urlhttps://api.github.com/repos/stamparm/maltrail/commits/9914f05c88276cebf7a3a502f1e8980775cbb973	elf_gafgyt
urlhttps://www.virustotal.com/gui/file/01a61df6707822b6fdf56ec5cf4a7e144c4b30d56e8ddc2b65577b24d5d4f49d/detection	elf_gafgyt
urlhttps://api.github.com/repos/stamparm/maltrail/commits/4f3a217196293001ede41b0f594d20a9e5f951a3	offloader
urlhttps://api.github.com/repos/stamparm/maltrail/commits/4d95535806bf5f543380705f7a1732ed59b521a1	connectwise
urlhttps://x.com/SansLimit3/status/2041247689736937776	connectwise
urlhttps://www.virustotal.com/gui/file/2a0af4ecd6bf09b3fefd1c0c5a2e973bd6aee7877934cf80d3fb5c8bf0108810/detection	connectwise
urlhttps://api.github.com/repos/stamparm/maltrail/commits/64213cdad82b338fa4ab4e32920af458ad247b68	offloader
urlhttps://api.github.com/repos/stamparm/maltrail/commits/49bb3d604550e408abe9ac2de4fb7416a7cea7e4	fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/c801f96ed12a6d7dc7769fd3792dab4414f25fa2	fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/4127d3dcc3590c947a81bb869b6a24feac94a50d	fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/203c726cef7a46f6ef47a9f174f9088222bf070e	osx_nova
urlhttps://www.netskope.com/blog/from-clickfix-to-maas-exposing-a-modular-windows-rat-and-its-admin-panel	osx_nova
urlhttps://github.com/netskopeoss/NetskopeThreatLabsIOCs/blob/main/Malware/NodeJS_MAAS/IOCs/README.md	osx_nova
urlhttps://api.github.com/repos/stamparm/maltrail/commits/9c196058e44957ac845f48589874712baf74a3dd	yurei
urlhttps://x.com/BushidoToken/status/2039303939347365989	yurei
urlhttps://www.team-cymru.com/post/yurei-double-extortion-ransomware-campaign-toolkit	yurei
urlhttps://api.github.com/repos/stamparm/maltrail/commits/b8e96294d745e0c0134aaa89002e5ca681920153	powershell_injector
urlhttps://www.virustotal.com/gui/file/18f79e4032e8ad64ac4c25aed4f2e9e6e510582d45a6126b9184a307a9ca480a/detection	powershell_injector
urlhttps://www.virustotal.com/gui/file/68829f1aaf370b9199d3b3ceb90ddb1516caef6582369aa4ca1740c7d617de70/detection	powershell_injector
urlhttps://api.github.com/repos/stamparm/maltrail/commits/458d167fb7afd53510e539ef9d5cc2a55490772f	cyberstrikeai
urlhttps://api.github.com/repos/stamparm/maltrail/commits/6c7a2663b26e3e41057ba658f235425e7272fec4	fakeapp
urlhttps://x.com/1ZRR4H/status/2041514871875932395	fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/82db040e5e00dd26b8763ad4e398671e39fac12d	hacked_npmrepos
urlhttps://safedep.io/malicious-npm-strapi-plugin-events-c2-agent	hacked_npmrepos
urlhttps://api.github.com/repos/stamparm/maltrail/commits/1a16f2ab1ff630c51244ad1cc8e4e0c7c0883b1b	fakeapp
urlhttps://x.com/miltinh0c/status/2041130081372852516	fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/a75d4cbfc3ca5c353fb6d642818983780b2165d6	fakeapp
urlhttps://api.github.com/repos/stamparm/maltrail/commits/c97b4ce8d0232fa41ff26fab5cf32104f7897e4e	lummac2
urlhttps://www.virustotal.com/gui/ip-address/91.92.243.168/relations	lummac2
urlhttps://api.github.com/repos/stamparm/maltrail/commits/a870a3af1ab1eafb4a8e0249cbc02cf4343f5154	fakeapp
urlhttps://x.com/ctrlaltintel/status/2041525537068232997	fakeapp

Domain

Value	Description	Copy
domain54mx4.com	apt_unc6691
domaingreensignal.vip	adaptix_c2
domainadmin.thotera.com	hak5cloud_c2
domainautoconfig.thotera.com	hak5cloud_c2
domainpolishswimgownsayjwui.shops	lummac2
domainstxarnavig.live	lummac2
domaindynamiczl.lives	lummac2
domainpolishswimgownsayjwui.shop	lummac2
domaindynamiczl.live	lummac2
domainboreholeconstruction.org	lummac2
domainboardmagic.info	offloader
domaincountrypipe.space	offloader
domainspoonducks.cfd	offloader
domaintoothdinosaurs.space	offloader
domaincertif.cyou	lummac2
domaingooseg.cyou	lummac2
domainhidatt.cyou	lummac2
domainpolecy.cyou	lummac2
domainst-images.socalpocis.org	ta569
domainblitomra.top	ek_zphp
domainbruvqqex.top	ek_zphp
domainbruxelti.top	ek_zphp
domaindreniko.top	ek_zphp
domainmunqera.top	ek_zphp
domainqanivor.top	ek_zphp
domainqerunvax.top	ek_zphp
domainqlorexa.top	ek_zphp
domainramvito.top	ek_zphp
domaintirqavem.top	ek_zphp
domainwexlunto.top	ek_zphp
domainzorpelix.top	ek_zphp
domainworkbenche.com	apt_unc2465
domainworkbencn.com	apt_unc2465
domainworkbenech.com	apt_unc2465
domaincleaf.uno	android_joker
domaindeeliy.store	android_joker
domainosminor.com	microstealer
domainproject-stor129585.pages.dev	osx_atomic
domainfukugyoulog.com	osx_atomic
domainflagbrother.uk	flag
domainuk05live.us	apt_bluenoroff
domaingrcoil.net	powershell_injector
domainmail.grcoil.net	powershell_injector
domainexastealer.com	exa
domainapi.exastealer.com	exa
domainallianceoutboundalliance.info	generic
domainallianceoutboundbridge.info	generic
domainallianceoutboundcentral.info	generic
domainallianceoutboundcircle.info	generic
domainallianceoutboundcollaborate.info	generic
domainallianceoutboundconnect.info	generic
domainallianceoutboundedge.info	generic
domainallianceoutboundexperts.info	generic
domainallianceoutboundfusion.info	generic
domainallianceoutboundgroup.info	generic
domainallianceoutboundguide.info	generic
domainallianceoutboundhq.info	generic
domainallianceoutboundhub.info	generic
domainalliancesaleshub.info	generic
domainalliancesalesnet.info	generic
domainalliancesalesnetwork.info	generic
domainalliancesalespartners.info	generic
domainalliancesalesplus.info	generic
domainalliancesalesservices.info	generic
domainalliancesalessolutions.info	generic
domainalliancesalestools.info	generic
domainalliancesalesunity.info	generic
domainalliancesalesworks.info	generic
domainalliancesalesworld.info	generic
domainalliancesaleszone.info	generic
domainbestgrowthbridge.info	generic
domainbestgrowthcentral.info	generic
domainbestgrowthcircle.info	generic
domainbestgrowthcollaborate.info	generic
domainbestgrowthconnect.info	generic
domainbestgrowthedge.info	generic
domainbestgrowthexperts.info	generic
domainbestgrowthfusion.info	generic
domainbestgrowthgroup.info	generic
domainbestgrowthguide.info	generic
domainbestgrowthhq.info	generic
domainbestgrowthhub.info	generic
domainbestgrowthlab.info	generic
domainbestgrowthnet.info	generic
domainbestgrowthnetwork.info	generic
domainbestgrowthpartners.info	generic
domainbestgrowthplus.info	generic
domainbestgrowthservices.info	generic
domainbestgrowthsolutions.info	generic
domainbestgrowthtools.info	generic
domainbestgrowthunity.info	generic
domainbestgrowthworks.info	generic
domainbestgrowthworld.info	generic
domainbestgrowthzone.info	generic
domainbestsalesalliance.info	generic
domainbestsalesbridge.info	generic
domainbestsalescentral.info	generic
domainbestsalescircle.info	generic
domainbestsalescollaborate.info	generic
domainbestsalesedge.info	generic
domainbestsalesexperts.info	generic
domainbestsalesfusion.info	generic
domainbestsalesgroup.info	generic
domainbestsalesguide.info	generic
domainbestsaleshq.info	generic
domainbestsaleshub.info	generic
domainbestsaleslab.info	generic
domainbestsalesnet.info	generic
domainbizoutreachconnect.info	generic
domainbizoutreachgrowth.info	generic
domainbizoutreachhub.info	generic
domainbizoutreachnetwork.info	generic
domainbizoutreachpartners.info	generic
domainbizoutreachsynergy.info	generic
domainbizoutreachteam.info	generic
domainbizpartnersconnect.info	generic
domainbizpartnersgrowth.info	generic
domainbizpartnership.info	generic
domainbizpartnershub.info	generic
domainbizpartnersnetwork.info	generic
domainbizpartnerzone.info	generic
domainbizprogress.info	generic
domainbizscaling.info	generic
domainbizscope.info	generic
domainbizsuccessboost.info	generic
domainbizsuccessgroup.info	generic
domainbizsuccessgrow.info	generic
domainbizsuccesshub.info	generic
domainbizsuccessjoint.info	generic
domainbizsynergize.info	generic
domainbizsynergy.info	generic
domainbizsynergyconnect.info	generic
domainbizsynergygroup.info	generic
domainbusinessnetworkhub.info	generic
domainbusinessoutreach.info	generic
domainbusinesssynergyhub.info	generic
domainbusinessteamwork.info	generic
domaincollabboost.info	generic
domaincollabbridge.info	generic
domaincollabconnectivity.info	generic
domaincollabconnectnetwork.info	generic
domaincollabconnectors.info	generic
domaincollabfirm.info	generic
domaincollabfirmconnect.info	generic
domaincollabfirmgroup.info	generic
domaincollabgrowconnect.info	generic
domaincollabgrowfirm.info	generic
domaincollabjoint.info	generic
domaincollabjump.info	generic
domaincollablink.info	generic
domaincollabnetwork.info	generic
domaincollabnetworkgrowth.info	generic
domaincollabnetworksynergy.info	generic
domaincollaboratebiz.info	generic
domaincollaborateconnect.info	generic
domaincollaborategrowth.info	generic
domaincollaborategrowthhub.info	generic
domaincollaboratehub.info	generic
domaincollabteams.info	generic
domaincollabteamwork.info	generic
domaincollabventures.info	generic
domaincollabventuresgrow.info	generic
domaincollabzone.info	generic
domainconnectadvance.info	generic
domainconnectfirm.info	generic
domainconnectfirmventures.info	generic
domainconnectgrow.info	generic
domainconnectgrowthhub.info	generic
domainconnectgrowthnetwork.info	generic
domainconnectioncollab.info	generic
domainconnectionnetwork.info	generic
domainconnectionpartners.info	generic
domainconnectionpath.info	generic
domainconnectionteam.info	generic
domainconnectivitygrowth.info	generic
domainconnectivityhub.info	generic
domainconnectivitynet.info	generic
domainconnectivityoutreach.info	generic
domainconnectivitypartners.info	generic
domainconnectivitysynergy.info	generic
domainconnectjoint.info	generic
domainconnectpartners.info	generic
domainconnectpartnership.info	generic
domainconnectsynergic.info	generic
domainconnectsynergize.info	generic
domainconnectsynergy.info	generic
domainconnectsynergyhub.info	generic
domainconnectteam.info	generic
domainexpandconnect.info	generic
domainexpandfirm.info	generic
domainexpandjoint.info	generic
domainexpandsynergy.info	generic
domainexpandteam.info	generic
domainfirmadvance.info	generic
domainfirmboost.info	generic
domainfirmboostjumpconnect.info	generic
domainfirmboostventures.info	generic
domainfirmbridge.info	generic
domainfirmcollab.info	generic
domainfirmconnect.info	generic
domainfirmconnectgroup.info	generic
domainfirmconnectgrow.info	generic
domainfirmconnectivity.info	generic
domainfirmconnectpath.info	generic
domainfirmconnectscope.info	generic
domainfirmconnectventures.info	generic
domainfirmcrew.info	generic
domainfirmcrewconnect.info	generic
domainjointgrowthcircle.info	generic
domainjointgrowthcollaborate.info	generic
domainjointgrowthconnect.info	generic
domainjointgrowthedge.info	generic
domainjointgrowthfusion.info	generic
domainjointgrowthgroup.info	generic
domainjointgrowthguide.info	generic
domainjointgrowthhq.info	generic
domainjointgrowthhub.info	generic
domainjointgrowthlab.info	generic
domainjointgrowthnet.info	generic
domainjointgrowthnetwork.info	generic
domainjointgrowthpartners.info	generic
domainjointgrowthplus.info	generic
domainjointgrowthservices.info	generic
domainjointgrowthsolutions.info	generic
domainjointgrowthtools.info	generic
domainjointgrowthunity.info	generic
domainjointgrowthworks.info	generic
domainjointgrowthworld.info	generic
domainjointgrowthzone.info	generic
domainmaxgrowthalliance.info	generic
domainmaxgrowthbridge.info	generic
domainmaxgrowthcentral.info	generic
domainmaxgrowthcircle.info	generic
domainoutreachconnectivity.info	generic
domainoutreachconnectors.info	generic
domainoutreachdynamics.info	generic
domainoutreachfirm.info	generic
domainoutreachgrowthhub.info	generic
domainsuccessgrow.info	generic
domainteamworkoutreach.info	generic
domainteamworkpartners.info	generic
domainteamworksynergies.info	generic
domainteamworksynergy.info	generic
domainteamworkzone.info	generic
domainteamzoneconnect.info	generic
domainteamzonegrow.info	generic
domainventureboost.info	generic
domainventurecrew.info	generic
domainventurefirmconnect.info	generic
domainventuresgrowhub.info	generic
domainventuresgrowth.info	generic
domainventuresgrowthboost.info	generic
domainventuresgrowthfirm.info	generic
domainventuresjoint.info	generic
domainventuresjointconnect.info	generic
domainventuresuccess.info	generic
domainventuresuccesshub.info	generic
domainventuresuccesszone.info	generic
domainanotherkindofdrew.com	osx_atomic
domainastralpacketcore2.lat	osx_atomic
domaincosmicrelayhub2.homes	osx_atomic
domaincosmicrelayhub4.pics	osx_atomic
domainedgepointweb.buzz	osx_atomic
domaineverydaygateweb.buzz	osx_atomic
domainfairfieldshop.buzz	osx_atomic
domainfrontierbase.buzz	osx_atomic
domaingenericflownet.buzz	osx_atomic
domaingraystonehub.buzz	osx_atomic
domainhyperdatamesh3.mom	osx_atomic
domainneuralstreamcore2.mom	osx_atomic
domainorbitdatasync1.sbs	osx_atomic
domainorbitdatasync5.pics	osx_atomic
domainstellarnodehub2.baby	osx_atomic
domainstellarnodehub4.pics	osx_atomic
domainultranodecluster1.lat	osx_atomic
domainagentq.digital	osx_atomic
domainastralpacketcore1.cyou	osx_atomic
domainastralpacketcore1.lat	osx_atomic
domainastralpacketcore3.cyou	osx_atomic
domainastralpacketcore4.baby	osx_atomic
domainastralpacketcore5.mom	osx_atomic
domainastralpacketcore5.pics	osx_atomic
domaincosmicrelayhub1.pics	osx_atomic
domaincosmicrelayhub1.xyz	osx_atomic
domaincosmicrelayhub2.pics	osx_atomic
domaincosmicrelayhub3.baby	osx_atomic
domaincosmicrelayhub3.mom	osx_atomic
domaincosmicrelayhub3.pics	osx_atomic
domaincosmicrelayhub4.baby	osx_atomic
domaincosmicrelayhub4.cfd	osx_atomic
domaincosmicrelayhub5.lol	osx_atomic
domaindataprismcore2.cyou	osx_atomic
domaindataprismcore3.cfd	osx_atomic
domainfluxstoragehub4.sbs	osx_atomic
domainfluxstoragehub5.cyou	osx_atomic
domainfotbal247.com	osx_atomic
domaingumbollworks.com	osx_atomic
domainhyperdatamesh2.baby	osx_atomic
domainhyperdatamesh2.cyou	osx_atomic
domainhyperdatamesh2.lat	osx_atomic
domainhyperdatamesh3.xyz	osx_atomic
domainhyperdatamesh4.lat	osx_atomic
domainhyperdatamesh4.lol	osx_atomic
domainhyperdatamesh5.baby	osx_atomic
domainhyperdatamesh5.lat	osx_atomic
domainhyperdatamesh5.pics	osx_atomic
domainluxfork.com	osx_atomic
domainmmdemo.online	osx_atomic
domainmoneycompasshq.com	osx_atomic
domainnebulasyncforge2.mom	osx_atomic
domainnebulasyncforge2.sbs	osx_atomic
domainnebulasyncforge3.cyou	osx_atomic
domainnebulasyncforge4.mom	osx_atomic
domainneuralstreamcore1.cfd	osx_atomic
domainneuralstreamcore1.mom	osx_atomic
domainneuralstreamcore1.pics	osx_atomic
domainneuralstreamcore1.xyz	osx_atomic
domainneuralstreamcore2.cyou	osx_atomic
domainneuralstreamcore2.homes	osx_atomic
domainneuralstreamcore2.lat	osx_atomic
domainneuralstreamcore2.lol	osx_atomic
domainneuralstreamcore2.sbs	osx_atomic
domainneuralstreamcore3.baby	osx_atomic
domainneuralstreamcore3.lol	osx_atomic
domainneuralstreamcore3.pics	osx_atomic
domainneuralstreamcore3.xyz	osx_atomic
domainneuralstreamcore4.cfd	osx_atomic
domainneuralstreamcore4.homes	osx_atomic
domainneuralstreamcore4.lol	osx_atomic
domainneuralstreamcore4.mom	osx_atomic
domainneuralstreamcore5.baby	osx_atomic
domainneuralstreamcore5.cfd	osx_atomic
domainneuralstreamcore5.xyz	osx_atomic
domainorbitdatasync1.cyou	osx_atomic
domainorbitdatasync1.homes	osx_atomic
domainorbitdatasync1.mom	osx_atomic
domainorbitdatasync2.cyou	osx_atomic
domainorbitdatasync2.lol	osx_atomic
domainorbitdatasync2.mom	osx_atomic
domainorbitdatasync2.pics	osx_atomic
domainorbitdatasync4.baby	osx_atomic
domainorbitdatasync4.mom	osx_atomic
domainorbitdatasync4.sbs	osx_atomic
domainorbitdatasync5.cfd	osx_atomic
domainorbitdatasync5.cyou	osx_atomic
domainorbitstreamvault1.cfd	osx_atomic
domainorbitstreamvault2.mom	osx_atomic
domainorbitstreamvault3.baby	osx_atomic
domainorbitstreamvault4.cfd	osx_atomic
domainorbitstreamvault4.pics	osx_atomic
domainpet-care-mastery.com	osx_atomic
domainquantumcachegrid1.cyou	osx_atomic
domainquantumcachegrid3.homes	osx_atomic
domainquantumcachegrid3.lol	osx_atomic
domainquantumcachegrid4.baby	osx_atomic
domainquantumcachegrid4.lat	osx_atomic
domainquantumcachegrid5.sbs	osx_atomic
domainquantumcachegrid5.xyz	osx_atomic
domainquantumfluxgrid1.lol	osx_atomic
domainquantumfluxgrid2.homes	osx_atomic
domainquantumfluxgrid2.mom	osx_atomic
domainquantumfluxgrid3.lat	osx_atomic
domainquantumfluxgrid3.pics	osx_atomic
domainquantumfluxgrid4.cyou	osx_atomic
domainquantumfluxgrid4.lat	osx_atomic
domainquantumfluxgrid4.lol	osx_atomic
domainquantumfluxgrid4.pics	osx_atomic
domainquantumfluxgrid4.sbs	osx_atomic
domainquantumfluxgrid5.cyou	osx_atomic
domainquantumfluxgrid5.sbs	osx_atomic
domainquantumfluxgrid5.xyz	osx_atomic
domainstellarbackupnode1.lat	osx_atomic
domainstellarbackupnode2.cfd	osx_atomic
domainstellarbackupnode3.cyou	osx_atomic
domainstellarbackupnode3.lat	osx_atomic
domainstellarbackupnode3.xyz	osx_atomic
domainstellarbackupnode4.mom	osx_atomic
domainstellarbackupnode5.homes	osx_atomic
domainstellarnodehub1.baby	osx_atomic
domainstellarnodehub1.cyou	osx_atomic
domainstellarnodehub2.xyz	osx_atomic
domainstellarnodehub3.baby	osx_atomic
domainstellarnodehub3.sbs	osx_atomic
domainstellarnodehub4.cfd	osx_atomic
domainstellarnodehub4.mom	osx_atomic
domainstellarnodehub5.cyou	osx_atomic
domainstellarnodehub5.mom	osx_atomic
domainstellarnodehub5.xyz	osx_atomic
domainultranodecluster1.baby	osx_atomic
domainultranodecluster1.pics	osx_atomic
domainultranodecluster2.cyou	osx_atomic
domainultranodecluster2.mom	osx_atomic
domainultranodecluster2.sbs	osx_atomic
domainultranodecluster3.cyou	osx_atomic
domainultranodecluster4.cyou	osx_atomic
domainultranodecluster4.mom	osx_atomic
domainultranodecluster4.sbs	osx_atomic
domainultranodecluster5.cfd	osx_atomic
domainultranodecluster5.mom	osx_atomic
domainwebvormgeving.com	osx_atomic
domainjsonkeeper.com	hacked_npmrepos
domainairvoyagero.com	osx_atomic
domainanydomen.net	osx_atomic
domainkettlewhisper.icu	osx_atomic
domainmsne.shop	osx_atomic
domainpauseinterior.xyz	osx_atomic
domaintubestore.digital	osx_atomic
domain1l.domenpozh.net	osx_atomic
domaind5.tubestore.digital	osx_atomic
domainmail.pauseinterior.xyz	osx_atomic
domainy8.anydomen.net	osx_atomic
domainbiglights.net	osx_atomic
domainnew88top.com	osx_atomic
domainbiskt.cloud	android_joker
domaintg999.me	ek_clearfake
domain25vsikqn.easttea.in.net	ek_clearfake
domainadmin.tg999.me	ek_clearfake
domainage-logic.lookyouthful.in.net	ek_clearfake
domainamp-v1.amperelose.in.net	ek_clearfake
domainanydomen.info	ek_clearfake
domainartodigital.id	ek_clearfake
domainautoconfig.nokfitwear.com.br	ek_clearfake
domainautodiscover.apexdigitech.net	ek_clearfake
domainautodiscover.donohosting.com	ek_clearfake
domainautodiscover.incubolabs.com	ek_clearfake
domainbanne-shi.catflow.in.net	ek_clearfake
domainbig02.bigamyprogramm.in.net	ek_clearfake
domainbin-monitor.recycleroach.in.net	ek_clearfake
domainbrain-scan.neurogrid.in.net	ek_clearfake
domainbuttonfrost.icu	ek_clearfake
domaincalc-engine.hammermathemat.in.net	ek_clearfake
domaincedarclient.slowcube.in.net	ek_clearfake
domainclea-line.inksky.in.net	ek_clearfake
domainclearpane.sheetglass.in.net	ek_clearfake
domainclevergeriatric.icu	ek_clearfake
domainclip-ten.blowoff.in.net	ek_clearfake
domaincloth-net.technofabric.in.net	ek_clearfake
domaincorvet-sync.corvetsynchron.in.net	ek_clearfake
domaindbiecm.easttea.in.net	ek_clearfake
domaindeal-proxy.confoundsoldout.in.net	ek_clearfake
domaindepoff.flowwow.in.net	ek_clearfake
domaindesign-v1.commundesign.in.net	ek_clearfake
domaindisc-v9.grimasdiscuss.in.net	ek_clearfake
domainesaul-frostline.esaulsnow.in.net	ek_clearfake
domainevegelenmasor.xyz	ek_clearfake
domainevolution.plataformasai.com	ek_clearfake
domainf6.rememberer.digital	ek_clearfake
domainface-lift.lookyouthful.in.net	ek_clearfake
domainfc.nextbridge.digital	ek_clearfake
domainfi.opticforge.digital	ek_clearfake
domaing0-data-z9.viametrica.in.net	ek_clearfake
domaingeo-p1levector.geodesistpile.in.net	ek_clearfake
domainhnjutai.net	ek_clearfake
domainhot-sauce.caliphsaucy.in.net	ek_clearfake
domainhzrenxiao.com	ek_clearfake
domainjycxjx.com	ek_clearfake
domainkofcsacredhearttampa.org	ek_clearfake
domainlearn-gate.edunoppress.in.net	ek_clearfake
domainmaze-check.confoundsoldout.in.net	ek_clearfake
domainmeasur0-mark.backyard.in.net	ek_clearfake
domainmesh-cloud.technofabric.in.net	ek_clearfake
domainmind-node.neurogrid.in.net	ek_clearfake
domainmusik.bio	ek_clearfake
domainnmgixmc.catflow.in.net	ek_clearfake
domainnocode.artodigital.id	ek_clearfake
domainopenclaw.flowsolo.app	ek_clearfake
domainopenpure.catflow.in.net	ek_clearfake
domainpalace-gate.caliphsaucy.in.net	ek_clearfake
domainpixel-view.digiframe.in.net	ek_clearfake
domainpuzz-sync.confoundsoldout.in.net	ek_clearfake
domainqvibhf.com	ek_clearfake
domainrabbit-v1.rabbitfarm.in.net	ek_clearfake
domainreage2-crest.darkboll.in.net	ek_clearfake
domainriv3-node.catflat.in.net	ek_clearfake
domainsecure-key.cryptolayer.in.net	ek_clearfake
domainsftpin.com	ek_clearfake
domainsnack-api.balkarbelyashi.in.net	ek_clearfake
domainsorteio.orientefarma.com.br	ek_clearfake
domainstatic-cdn.digiframe.in.net	ek_clearfake
domainsurveyrock.geodesistpile.in.net	ek_clearfake
domaintalk-sync.grimasdiscuss.in.net	ek_clearfake
domaintanxionglouru.top	ek_clearfake
domaintanxionglouru1.top	ek_clearfake
domaintanxionglouru2.top	ek_clearfake
domaintanxionglouru3.top	ek_clearfake
domaintanxionglouru4.top	ek_clearfake
domaintanxionglouru5.top	ek_clearfake
domaintanxionglouru6.top	ek_clearfake
domaintg999.pro	ek_clearfake
domaintool-logic.hammermathemat.in.net	ek_clearfake
domaintr4d3-sheet.flowwow.in.net	ek_clearfake
domainuniatende.noai.com.br	ek_clearfake
domainunifi.lan.devusercode.net	ek_clearfake
domainw9m2kx.alaspasteur.in.net	ek_clearfake
domainwash-logic.okiselwhiten.in.net	ek_clearfake
domainweldoxis.in.net	ek_clearfake
domainwww.evegelenmasor.xyz	ek_clearfake
domainwww.musik.bio	ek_clearfake
domainx5-gate-33.arcostruttura.in.net	ek_clearfake
domainxinxinfiber.com	ek_clearfake
domainxkiwkg.com	ek_clearfake
domainyinshengjiuyu.top	ek_clearfake
domainyinshengjiuyu0.top	ek_clearfake
domainyinshengjiuyu1.top	ek_clearfake
domainyinshengjiuyu2.top	ek_clearfake
domainyinshengjiuyu3.top	ek_clearfake
domainyinshengjiuyu5.top	ek_clearfake
domainzc.xxacgyun.top	ek_clearfake
domainswiftyswap.com	ek_clearfake
domainhongkongplazaworks.top	maskgram
domainambitions.tech	netsupport
domainblockbaster.top	netsupport
domainelasysaresearch.biz	netsupport
domaingoinsideit.com	netsupport
domaingoinsideitmore.com	netsupport
domaingosidefastandpure.com	netsupport
domainhomeshieldins.org	netsupport
domainmikabooks.com	netsupport
domainonboardingforzarace.com	netsupport
domainpowerbioreceipt.com	netsupport
domainwingsidedev.monster	netsupport
domain6tdqqaxftvradka5d2frzgwixis7fmro7rfh4ettzcx7jfapkebe6jad.onion	audit_ransomware
domainvaeth.cn	gh0strat
domaingem-mixed-expert-struct.trycloudflare.com	generic
domainteak.gen.tr	offloader
domain489483896l.top	connectwise
domainabp-tw6.top	connectwise
domainabrainbladtide.top	connectwise
domainaddoins.top	connectwise
domainadmin.fesst.top	connectwise
domainadmin.rannkinmoneysc.top	connectwise
domainadvancesc.top	connectwise
domainagqot2451.top	connectwise
domainakin.defencingm.top	connectwise
domainallforoons.top	connectwise
domainap6w-tf4.top	connectwise
domainaphalxixpanel.top	connectwise
domainapp.abrainbladtide.top	connectwise
domainapp.busting0setup.top	connectwise
domainapp.pinnnoplockzuz.top	connectwise
domainapp.rnewamikol01.top	connectwise
domainappllus.top	connectwise
domainatbhu-25.top	connectwise
domainazhelp.top	connectwise
domainbizabizadealsvvi.top	connectwise
domainblinksings.top	connectwise
domainbookviriandeals.top	connectwise
domainbp6yr-79.top	connectwise
domainbreenchwithoutborders.top	connectwise
domainbsupport.top	connectwise
domainbuissine.top	connectwise
domainburffring.top	connectwise
domainbusting0setup.top	connectwise
domainc63av-i8.top	connectwise
domaincarecsj.top	connectwise
domainccxpanelx.top	connectwise
domaincheaptousscreen.top	connectwise
domainchepoz.top	connectwise
domainconnect-invite.top	connectwise
domainconnectguru.top	connectwise
domaincorematrixadmin.top	connectwise
domaincrenmolate.top	connectwise
domaindebugbuddybi.top	connectwise
domaindefencingm.top	connectwise
domaindemssz-nnow.top	connectwise
domaindentallifecoaching.top	connectwise
domaindigitalconnectappuser.top	connectwise
domaindinsons.top	connectwise
domaindmcmd.top	connectwise
domaindrclosermendeals71l.top	connectwise
domaindrsol.top	connectwise
domaindzy.secureset.top	connectwise
domainemishop.top	connectwise
domainemistocks.top	connectwise
domainemptytolerance.top	connectwise
domainep7e-3ed.top	connectwise
domainfesnings.top	connectwise
domainfesst.top	connectwise
domainfslkjhgfdd.top	connectwise
domainfutummn.top	connectwise
domaingetleets.top	connectwise
domaingodpanel.top	connectwise
domaingranitepeaknet.top	connectwise
domaingreatmosts.top	connectwise
domaingronot.top	connectwise
domaingsmpro.top	connectwise
domaingtstore.top	connectwise
domainguce.blinksings.top	connectwise
domainhantfaconnect.top	connectwise
domainhaskba.top	connectwise
domainhelpbsl.top	connectwise
domainhiddenconsole.top	connectwise
domainhitpanel.top	connectwise
domainhk.secureset.top	connectwise
domainhkrabag.top	connectwise
domainholtvad.top	connectwise
domainhomenmade.top	connectwise
domainhopics.top	connectwise
domainidpcare.top	connectwise
domainjamscreen.top	connectwise
domainjboi.top	connectwise
domainjdsfrw-11.top	connectwise
domainjellybot.top	connectwise
domainkailefoodsdeals.top	connectwise
domainkellyxxpanel.top	connectwise
domainlmf-93dy.top	connectwise
domainloveenin.top	connectwise
domainlzior-95a.top	connectwise
domainmainpatron.top	connectwise
domainmdr-xe4s.top	connectwise
domainmhrapanl.top	connectwise
domainmyscreenfriend.top	connectwise
domainnaturalpath.top	connectwise
domainnatyiepanel.top	connectwise
domainneondebuggerbi.top	connectwise
domainnerdshubsavvy.top	connectwise
domainnewtimfor.top	connectwise
domainnexusbackendsys.top	connectwise
domainobstrinitromanual.top	connectwise
domainoffslinses.top	connectwise
domainoqtii2skreen.top	connectwise
domainorikori.orireofero.top	connectwise
domainorireofero.top	connectwise
domainowlxpc.top	connectwise
domainparlless.top	connectwise
domainpinnnoplockzuz.top	connectwise
domainpotarucu.top	connectwise
domainrannkinmoneysc.top	connectwise
domainrecordadaptersbiz.top	connectwise
domainreservservers.top	connectwise
domainretoup.top	connectwise
domainreywnotification.top	connectwise
domainrnewamikol01.top	connectwise
domainruthl3ssw1zard.top	connectwise
domainscr90.top	connectwise
domainsecure.obstrinitromanual.top	connectwise
domainsecure.varfootball.top	connectwise
domainsecureset.top	connectwise
domainsignto.top	connectwise
domainsnoopofthe.top	connectwise
domainstacks-sc.top	connectwise
domainstayingsan3.top	connectwise
domainstewise.top	connectwise
domainstocksmarket.top	connectwise
domainsukriopeap.top	connectwise
domainsupersender.top	connectwise
domainsupport.snoopofthe.top	connectwise
domainthefixwizardbyte.top	connectwise
domainthelifechurchhomebas.top	connectwise
domaintwirrewnss.top	connectwise
domaintzthelp.top	connectwise
domainudcare.top	connectwise
domainuniccloud.top	connectwise
domainuzvlive.top	connectwise
domainvarfootball.top	connectwise
domainvoxilate.top	connectwise
domainworydwidehuc.top	connectwise
domainwphelp.top	connectwise
domainyufuiosiwk.top	connectwise
domainzaza1sm1.top	connectwise
domainzcmpro.top	connectwise
domainziy8-fd4.top	connectwise
domainzscrewssa.top	connectwise
domainzynthara.top	connectwise
domainmillimanonlinelogin.go2omega.com	fakeapp
domain9goooglemeetts.live	fakeapp
domaindescamisad.sbs	fakeapp
domainnexttoconnekt.click	fakeapp
domainsiteinsight.bond	fakeapp
domain9r.vc-whatsapp.hl.cn	fakeapp
domain9t.tg-whatsapp.hl.cn	fakeapp
domain9v.uh-whatsapp.hl.cn	fakeapp
domainakmzr-whatsapp.com.cn	fakeapp
domainaxqtp-whatsapp.hl.cn	fakeapp
domainaxrqp-whatsapp.com.cn	fakeapp
domaindzqvp-whatsapp.com.cn	fakeapp
domainfqpmr-whatsapp.hl.cn	fakeapp
domainfzqmr-whatsapp.com.cn	fakeapp
domaingqvxt-whatsapp.com.cn	fakeapp
domainkzpmr-whatsapp.hl.cn	fakeapp
domainlmqxt-whatsapp.com.cn	fakeapp
domainmlqzr-whatsapp.com.cn	fakeapp
domainmqvtr-whatsapp.com.cn	fakeapp
domainmxptr-whatsapp.com.cn	fakeapp
domainmxqvr-whatsapp.com.cn	fakeapp
domainpqvxm-whatsapp.com.cn	fakeapp
domainrmxqt-whatsapp.com.cn	fakeapp
domainrtzmq-whatsapp.com.cn	fakeapp
domaintg-whatsapp.hl.cn	fakeapp
domainuh-whatsapp.hl.cn	fakeapp
domainvbqmr-whatsapp.hl.cn	fakeapp
domainvc-whatsapp.hl.cn	fakeapp
domainwss-akzwr-whatsapp.com.cn	fakeapp
domainwss-bvkpa-whatsapp.com.cn	fakeapp
domainwss-lmtrx-whatsapp.com.cn	fakeapp
domainwss-lpmqr-whatsapp.com.cn	fakeapp
domainwss-nqzrv-whatsapp.com.cn	fakeapp
domainwss-pzlmx-whatsapp.com.cn	fakeapp
domainwss-qrtxp-whatsapp.com.cn	fakeapp
domainwss-rwkxm-whatsapp.com.cn	fakeapp
domainwss-rxzma-whatsapp.com.cn	fakeapp
domainwss-vmpxr-whatsapp.com.cn	fakeapp
domainwss-wxkpt-whatsapp.com.cn	fakeapp
domainwss-zpqva-whatsapp.com.cn	fakeapp
domainzrkpm-whatsapp.hl.cn	fakeapp
domaincloud-verificate.com	osx_nova
domainyuhvgbzsa66biqeatbmdvfo5b5jjefcmz5t2vjuvco5qtdkshfpabyid.onion	osx_nova
domaingoogle-meetingsnow.click	fakeapp
domaingoogle-meetingsnow.us	fakeapp
domaingooglemeet-meetings.us	fakeapp
domaingooglemeetmenow.us	fakeapp
domainhollycanvas.xyz	fakeapp
domainmeeting-live.site	fakeapp
domaingooglemeet.meeting-live.site	fakeapp
domaingooglemeeting.meeting-live.site	fakeapp
domaininvite.hollycanvas.xyz	fakeapp
domainmail.google-meetingsnow.us	fakeapp
domainmail.googlemeet-meetings.us	fakeapp
domainmail.googlemeetmenow.us	fakeapp
domainmeet.google-meetingsnow.us	fakeapp
domainblazingapss12.cfd	fakeapp
domainblazingapss8.cfd	fakeapp
domainyesjis.com	fakeapp
domaininstantmeeting.live	fakeapp
domainpodiat.cyou	lummac2
domainsmeltd.cyou	lummac2
domain3commas.icu	fakeapp
domainaccessrecovery.info	fakeapp
domainai-game.us4web-zoom.com	fakeapp
domainapp.sypraf-group.com	fakeapp
domainapp.us01zoom.com	fakeapp
domainapp.us04zoom.com	fakeapp
domainapp.us4web-zoom.com	fakeapp
domainaushomeaffairs.com	fakeapp
domainawaresec.de	fakeapp
domainbezirk-niderbayern.de	fakeapp
domainbrandeins-magazin.de	fakeapp
domainbroonerconstructionmeetings.com	fakeapp
domainbsi-bund.info	fakeapp
domaincatatankerja.online	fakeapp
domainchat.neoscribe.us	fakeapp
domaincheckthatout.com	fakeapp
domainconnect-zoom.info	fakeapp
domainde06web.zoom.com.de	fakeapp
domaindevegas.fun	fakeapp
domaineco-gear.us4web-zoom.com	fakeapp
domainensdomain.org	fakeapp
domainepa2.de	fakeapp
domainfrankfurt-1.threeletters.tech	fakeapp
domainftp.checkthatout.com	fakeapp
domainftp.us04web-zoom.eu	fakeapp
domaingreenwayauto.sale	fakeapp
domainhamwdeonf.xyz	fakeapp
domainhealthlinepulse.com	fakeapp
domainhermes-holding-it.de	fakeapp
domainhuramovies.mov	fakeapp
domaininvitezoom.xyz	fakeapp
domainip54.ip-51-89-220.eu	fakeapp
domainipv6.srv541312.hstgr.cloud	fakeapp
domainjmpconf.com	fakeapp
domainjoin-meeting-invite-id-567765.nasbv.site	fakeapp
domainkattenn.com	fakeapp
domainkdga.be	fakeapp
domainlink.us4web-zoom.com	fakeapp
domainlivechatzoomsession.com	fakeapp
domainmail.accessrecovery.info	fakeapp
domainmail.srv541312.hstgr.cloud	fakeapp
domainmail.us11webzoom.com	fakeapp
domainmail.uswebmeetings06.com	fakeapp
domainmail.uswebmeetingzoom03.com	fakeapp
domainmail.uswebzoom03.com	fakeapp
domainmail.zoommeets.us	fakeapp
domainmatch.us4web-zoom.com	fakeapp
domainmeeting.rilara.workers.dev	fakeapp
domainmeetting.zoomus.work	fakeapp
domainmillies.pics.ngrok.pro	fakeapp
domainministeriumbw.de	fakeapp
domainmw.zoorn.me	fakeapp
domainmy-zoom-meeting.us	fakeapp
domainmy-zoom.us	fakeapp
domainmywebmeetingz.com	fakeapp
domainnaviprotocol.us	fakeapp
domainnextvmserver.xyz	fakeapp
domainns1.smpawsumber.sch.id	fakeapp
domainns2.smpawsumber.sch.id	fakeapp
domainopportunitypresentation.com	fakeapp
domainpostal-net.co.za	fakeapp
domainprivate.zoomconnet.online	fakeapp
domainrealtimezoomsession.com	fakeapp
domainrecovery-coldcard.com	fakeapp
domainrilara.workers.dev	fakeapp
domainsecure-zoom.com	fakeapp
domainsecure.solzerrealestate.com	fakeapp
domainsecure.us4web-zoom.com	fakeapp
domainsiemenshealth.eu	fakeapp
domainsmcn.edu.ar	fakeapp
domainsolzerrealestate.com	fakeapp
domainsrv541312.hstgr.cloud	fakeapp
domainstadtverwaltung-bad-toelz.de	fakeapp
domainsypraf-group.com	fakeapp
domaintest.us4web-zoom.com	fakeapp
domaintheagilepotato.com	fakeapp
domaintiaodongdog.cloud	fakeapp
domainus01zoom.com	fakeapp
domainus02web-zoom-us-j-9898711911pwd-zuhaiunzlpctcrumlydjz09omn.pages.dev	fakeapp
domainus03zoom.us	fakeapp
domainus04web-zoom.eu	fakeapp
domainus04zoom.com	fakeapp
domainus06webs.com	fakeapp
domainus07webszoom.us	fakeapp
domainus11webzoom.com	fakeapp
domainus38web.us	fakeapp
domainus4web-zoom.com	fakeapp
domainus80web-zoom.us	fakeapp
domainus90web.us	fakeapp
domainuswebmeetings06.com	fakeapp
domainuswebmeetingzoom03.com	fakeapp
domainuswebzoom03.com	fakeapp
domainvalannia.xyz	fakeapp
domainvoicetech.institute	fakeapp
domainvw.voicetech.institute	fakeapp
domainwc-42j.pages.dev	fakeapp
domainweb-updates.com	fakeapp
domainweb-zoom.cloud	fakeapp
domainweb-zoom.eu	fakeapp
domainweb.us4web-zoom.com	fakeapp
domainweb01shjfdxskljgvxdsfy.us.logfiles.help	fakeapp
domainwebdisk.srv541312.hstgr.cloud	fakeapp
domainwebmail.srv541312.hstgr.cloud	fakeapp
domainwebzoominvite05za.us	fakeapp
domainwebzoominvite05za.us.logfiles.help	fakeapp
domainwhm.srv541312.hstgr.cloud	fakeapp
domainzoom-meet.info	fakeapp
domainzoom-meeting.yhcyapi.com	fakeapp
domainzoom-meetingnow.us	fakeapp
domainzoom-metting.worktoolz.fun	fakeapp
domainzoom-opy2wnlywlc7zqdhdhdeyjn1gnij3u.zk1x.com	fakeapp
domainzoom-x2l120fe7yq3t0.jigrayco.com	fakeapp
domainzoom.awaresec.de	fakeapp
domainzoom.bayern-lda.de	fakeapp
domainzoom.beta.dataviberpm.com	fakeapp
domainzoom.brandeins-magazin.de	fakeapp
domainzoom.ciudadanos-cs.org	fakeapp
domainzoom.das-reha-portal.de	fakeapp
domainzoom.datavibe.com	fakeapp
domainzoom.epa2.de	fakeapp
domainzoom.flilx.cn	fakeapp
domainzoom.icon-league.de	fakeapp
domainzoom.institution-medizin.de	fakeapp
domainzoom.jenbunk.com	fakeapp
domainzoom.maoffers.net	fakeapp
domainzoom.markt-gapa.de	fakeapp
domainzoom.ministeriumbw.de	fakeapp
domainzoom.oberbayern-bezirk.de	fakeapp
domainzoom.themovie.group	fakeapp
domainzoom.us.who3.info	fakeapp
domainzoom.us38web.us	fakeapp
domainzoom.us4web-zoom.com	fakeapp
domainzoom.us90web.us	fakeapp
domainzoomcalls.xyz	fakeapp
domainzoomconnet.online	fakeapp
domainzoommeets.us	fakeapp
domainzoomupgrade.com	fakeapp
domainzooom-cal-imvite-zoom-session.org	fakeapp
domainzoooomm.it.com	fakeapp
domainzooooom.it.com	fakeapp
domainzoorn.me	fakeapp

Ip

Value	Description	Copy
ip102.220.91.114	supershell_c2
ip154.12.91.171	supershell_c2
ip45.205.2.56	supershell_c2
ip48.222.9.8	powershell_injector
ip195.128.248.31	exa
ip4.180.17.86	exa
ip193.181.214.66	aurac2
ip107.189.21.37	blackteam
ip144.172.87.118	blackteam
ip45.142.193.27	netsupport
ip5.252.177.209	netsupport
ip185.246.223.75	yanisma
ip182.16.88.242	gh0strat
ip213.177.179.8	magentocore
ip103.130.214.71	elf_gafgyt
ip154.194.50.229	connectwise
ip44.210.101.86	yurei
ip44.223.40.182	yurei
ip91.196.32.232	powershell_injector
ip34.29.255.251	cyberstrikeai
ip144.31.107.231	hacked_npmrepos

Threat ID: 69d542daaaed68159a3c0b5a

Added to database: 4/7/2026, 5:46:02 PM

Last enriched: 4/7/2026, 5:46:07 PM

Last updated: 4/8/2026, 12:43:53 AM

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by

Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

External Links

Search on Google

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited

View courses

Maltrail IOC for 2026-04-07

AI Analysis

Technical Summary

Potential Impact

Mitigation Recommendations

Indicators of Compromise

Maltrail IOC for 2026-04-07

Description

AI-Powered Analysis

Technical Analysis

Potential Impact

Mitigation Recommendations

Technical Details

Indicators of Compromise

Url

Domain

Ip

Community Reviews

Actions

External Links

Need more coverage?

Latest Threats

Check if your credentials are on the dark web

Lead Pen Test Professional

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility

Maltrail IOC for 2026-04-07

AI Analysis

Technical Summary

Potential Impact

Mitigation Recommendations

Indicators of Compromise

Maltrail IOC for 2026-04-07

Description

AI-Powered Analysis

Technical Analysis

Potential Impact

Mitigation Recommendations

Technical Details

Indicators of Compromise

Url

Domain

Ip

Community Reviews

Related Threats

ThreatFox IOCs for 2026-04-07

KRVTZ-NET IDS alerts for 2026-04-07

Detections for the Axios supply chain compromise

TA416 resumes European government espionage campaigns

ThreatFox IOCs for 2026-04-06

Actions

External Links

Need more coverage?

Latest Threats

Check if your credentials are on the dark web

Lead Pen Test Professional

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility