Maltrail IOC for 2026-05-26
AI Analysis (machine-generated threat intelligence)
Technical Summary
The threat intelligence entry catalogs multiple IOCs related to malware activity observed on 2026-05-26, including suspicious domains, IP addresses, and URLs linked to different malware families or campaigns. The data is derived from manual OSINT collection and external network activity analysis. No CVE or specific exploit information is associated. The report serves as an observational feed to aid detection and monitoring rather than describing a new vulnerability or active exploit.
Potential Impact
The impact is primarily related to the presence of malware-related network indicators that could signify ongoing or potential malicious activity. No direct exploit or vulnerability is described, and no known active exploitation is reported. The medium severity reflects the potential risk these IOCs pose for detection and response efforts but does not indicate an immediate critical threat.
Mitigation Recommendations
No official patch or remediation is available or applicable as this is an IOC feed rather than a vulnerability report. Security teams should incorporate these indicators into their detection tools and monitoring systems to identify potential malicious activity. No urgent action beyond standard threat intelligence integration is indicated.
Technical Details
- UUID: 7fd6bbec-320e-48c5-b09d-79519e533f11
- Original timestamp: 1779793206 (Unix epoch seconds)
Indicators of Compromise
URL
| Value | Family / campaign |
|---|---|
| https://api.github.com/repos/stamparm/maltrail/commits/adefdc022653f48bf60a39b8c566dd05eaf05ded | osx_atomic |
| https://www.virustotal.com/gui/ip-address/154.7.253.166/relations | osx_atomic |
| https://api.github.com/repos/stamparm/maltrail/commits/5fef578f8a6e787c3e2059c7e66f16076d9887e4 | lummac2 |
| https://api.github.com/repos/stamparm/maltrail/commits/c4d89e3d64416bc94e2322f7bb654a643550ae60 | apt_lazarus |
| https://api.github.com/repos/stamparm/maltrail/commits/5c5e9150a879bf48ab8d6e4e1cbc921224bb1d3b | apt_lazarus |
| https://api.github.com/repos/stamparm/maltrail/commits/34c42104085f7bdaa7383bbb77ffd77539f5af00 | indirat |
| https://x.com/Fact_Finder03/status/2059208168299733103 | indirat |
| https://www.virustotal.com/gui/file/2874868daf6660876cec6a903d2bbb9b437d8d2ff173d8bc39e6f18a016ed838/detection | indirat |
| https://api.github.com/repos/stamparm/maltrail/commits/4eb3201a66ccc727a7d4a68fa125dde0faf65ab6 | magentocore |
| https://api.github.com/repos/stamparm/maltrail/commits/1ffff12f999254e327664dca5ebd6e28241981be | magentocore |
Domain
| Value | Family / campaign |
|---|---|
| exactupdate.com | osx_atomic |
| invokeupdate.com | osx_atomic |
| mothechurh.com | osx_atomic |
| frozetk.cyou | lummac2 |
| vaultchainblockpulse.com | apt_lazarus |
| analityc-cdn.org | magentocore |
| socket-analytics.net | magentocore |
IP
| Value | Family / campaign |
|---|---|
| 72.61.123.154 | apt_lazarus |
| 82.39.86.48 | indirat |
Threat ID: 6a158834891d628fdc242258
Added to database: 5/26/2026, 11:47:00 AM
Last enriched: 5/26/2026, 12:02:08 PM
Last updated: 5/26/2026, 7:56:52 PM