Maltrail IOC for 2026-05-28
AI Analysis
Technical Summary
The report details a malware-related IOC identified by Maltrail on 2026-05-28, sourced from CIRCL OSINT. It highlights observed network activity linked to potential malicious behavior but lacks detailed technical indicators or affected software versions. No exploits or patches are noted, indicating this is an observational threat intelligence entry rather than a vulnerability with a direct remediation path.
Potential Impact
The impact is assessed as medium risk based on the source classification. Without specific exploit details or affected software, the direct operational impact is unclear. This IOC may assist defenders in detecting suspicious network activity but does not describe an active exploit or vulnerability.
Mitigation Recommendations
No patch or official remediation is available for this IOC. Security teams should incorporate this IOC into their detection and monitoring tools as appropriate. Since this is an observational intelligence feed entry, no urgent remediation actions are indicated.
Indicators of Compromise
Technical Details
- UUID: 92b12a00-26ca-4092-a480-fece3ad6f9d5
- Original Timestamp: 1779969606
domaindomacarada.digital | osx_nova | |
domaindomaceznalosti.digital | osx_nova | |
domaindropscan.top | osx_nova | |
domaine-leadlens-studio.world | osx_nova | |
domaine-the-byloft.world | osx_nova | |
domainjasnadoba.digital | osx_nova | |
domainjasnyciels.digital | osx_nova | |
domainjasnyzivot.digital | osx_nova | |
domainkludnyzivot.digital | osx_nova | |
domainkrasnydomov.digital | osx_nova | |
domainmudrarada.digital | osx_nova | |
domainmudryzivot.digital | osx_nova | |
domainnasapriroda.digital | osx_nova | |
domainnaspokoj.digital | osx_nova | |
domainnaspribeh.digital | osx_nova | |
domainnassvets.digital | osx_nova | |
domainnovastranka.digital | osx_nova | |
domainodkazdnes.digital | osx_nova | |
domainpevnaviera.digital | osx_nova | |
domainpevnybod.digital | osx_nova | |
domainpevnymost.digital | osx_nova | |
domainpevnypostoj.digital | osx_nova | |
domainpravysmer.digital | osx_nova | |
domainprivnoute.com | osx_nova | |
domainrodinnekorene.digital | osx_nova | |
domainrodinnykruh.digital | osx_nova | |
domainskusenostiplus.digital | osx_nova | |
domainskutocnahodnota.digital | osx_nova | |
domainspolocnacesta.digital | osx_nova | |
domainstriebornacesta.digital | osx_nova | |
domainsvetlybod.digital | osx_nova | |
domainsvetpoznania.digital | osx_nova | |
domaintradiciadnes.digital | osx_nova | |
domainzivakultura.digital | osx_nova | |
domainzivavoda.digital | osx_nova | |
domainzivotnaskusenost.digital | osx_nova | |
domainzivotnavyzva.digital | osx_nova | |
domainzivotnehodnoty.digital | osx_nova | |
domainzivotnekroky.digital | osx_nova | |
domainzivotnybalans.digital | osx_nova | |
domainzivotnykruhs.digital | osx_nova | |
domainzlatabrana.digital | osx_nova | |
domainzlatecasy.digital | osx_nova | |
domainiscanx.pro | osx_nova | |
domainsolray.fun | osx_nova | |
domainsolray.top | osx_nova | |
domainxscaner.vip | osx_nova | |
domain0jijrwbzxzzxz04.xyz | apt_unc6691 | |
domain1klr14xvlodpt18.xyz | apt_unc6691 | |
domain2v67nmviky2aczb.xyz | apt_unc6691 | |
domain4guaf1vxjrtnmfs.xyz | apt_unc6691 | |
domain4spjohmlk2cbc55.xyz | apt_unc6691 | |
domainfdknt8mcjkn9igh.xyz | apt_unc6691 | |
domainkyramoore.xyz | apt_unc6691 | |
domainrdbrlyim38rbi76.xyz | apt_unc6691 | |
domainvfbw5h0ev2wszvo.xyz | apt_unc6691 | |
domainwihrcsdmq9jpp7x.xyz | apt_unc6691 |
Ip
| Value | Description |
|---|---|
| 185.254.99.243 | nexus |
| 146.19.213.198 | c2_panel |
| 213.91.211.200 | hermes_c2 |
| 144.172.98.102 | c2_panel |
| 194.87.24.4 | c2_panel |
| 38.47.227.212 | fakeapp |
Threat ID: 6a1855b5e29bf47b50f7d6b9
Added to database: 5/28/2026, 2:48:21 PM
Last enriched: 5/28/2026, 3:03:25 PM
Last updated: 5/29/2026, 6:52:18 PM
Views: 14