Reconnecting to live updates…

Maltrail IOC for 2026-06-07

Severity: mediumType: malware

AI Analysis

Technical Summary

The report details a malware-related IOC identified by Maltrail on 2026-06-07, collected via manual OSINT methods from the CIRCL feed. It lacks detailed technical indicators or affected software versions. No patches or fixes exist, and no active exploitation has been confirmed. The threat is categorized under network activity and external analysis, with a medium risk level assigned based on the source data.

Potential Impact

The impact is currently limited due to the absence of known exploits in the wild and lack of detailed indicators or affected software. The medium severity suggests potential risk if the IOC corresponds to malicious network activity, but no direct compromise or vulnerability exploitation is documented.

Mitigation Recommendations

No patch or official remediation is available for this IOC. Since it is an observation from OSINT without active exploitation, defenders should monitor for related network activity using Maltrail or similar detection tools. No urgent action is mandated by the vendor or source advisory.

Indicators of Compromise

url: https://api.github.com/repos/stamparm/maltrail/commits/0bf2998852b72b76d1de88ed5218b6c9fefa0d7d
domain: hdmo.help
url: https://api.github.com/repos/stamparm/maltrail/commits/03a954e271bbeb3da7a65b31d2bd59da18edc625
url: https://www.virustotal.com/gui/ip-address/45.225.135.54/detection
ip: 45.225.135.54
url: https://api.github.com/repos/stamparm/maltrail/commits/7d08ad0007639584c1f52d482f0626636d3956cd
url: https://api.github.com/repos/stamparm/maltrail/commits/720f2a039d29774a21dba4ffd5edc0bfc3f89891
ip: 23.95.162.94
url: https://api.github.com/repos/stamparm/maltrail/commits/05624c660d4b849944ca35e160d5fc2b0566ab3d
url: https://app.validin.com/detail?find=Bank%20iD%20%3D%20va%C5%A1e%20digit%C3%A1ln%C3%AD%20ob%C4%8Danka&type=raw&ref_id=a5f01d37ae2#tab=host_pairs
domain: bankid-cz.run
domain: bankid-cz.top
domain: idbank-cz.run
domain: telegrambot.pw
url: https://api.github.com/repos/stamparm/maltrail/commits/beddef19f2a27a3983e65bdea6d04424a9113dfd
url: https://www.virustotal.com/gui/file/3dc4e6bae0421dbc3bd7c526e0c42e79a396465b2ef9c2c2cac0d59cc1750054/detection
ip: 36.50.135.229
domain: t-mail.click
domain: benstunnel.t-mail.click
domain: wvxx.dpdns.org
domain: xyx.wvxx.dpdns.org
url: https://api.github.com/repos/stamparm/maltrail/commits/77746cef7834503d0c5aeb821eac4f6040b1bc6f
url: https://x.com/smica83/status/2063496293092110394
url: https://tria.ge/260607-gcfy6shv2z/behavioral1
domain: inini.kesug.com
url: https://api.github.com/repos/stamparm/maltrail/commits/d50b275bab9c942d31306ca4afabb7cedc885305
url: https://x.com/rifteyy/status/2063272669806542871
domain: smartcheck214.world
url: https://api.github.com/repos/stamparm/maltrail/commits/400b95c332f38a42cad36dfd80398843078a58c8
domain: accgame1s.shop
domain: acclv8.click
domain: aminbantt.site
domain: aminbantt.xyz
domain: anhtuanios.site
domain: antiddos.space
domain: astshop.io.vn
domain: baokiet.shop
domain: baonongsan.online
domain: bgcloud.online
domain: bgcloud.us.kg
domain: cardgiare.store
domain: catehehe.xyz
domain: cauam.shop
domain: cheatiosvip.io.vn
domain: cheatzvip.io.vn
domain: chungchi247.online
domain: cloneviavipco.click
domain: cmedia.fun
domain: cpmodz.top
domain: datxe247.io.vn
domain: datxelientinh.io.vn
domain: dichvulights.site
domain: dichvunapgame.eu.org
domain: dichvurbl.site
domain: dichvuthueweb.site
domain: dichvuweb.fun
domain: dtmsub8386.click
domain: gdvcshn.site
domain: giadinhxofa.id.vn
domain: heiskso.store
domain: hieutranit.shop
domain: hmcsub.shop
domain: hoangtuananhdev.io.vn
domain: hqstore.site
domain: huydevlor.id.vn
domain: i-99.pro
domain: irismc.asia
domain: kangnahyeok.space
domain: kem1st.xyz
domain: khanhduy.pro
domain: khoapug.xyz
domain: kobtne.site
domain: kyphandev.site
domain: leafaid.org
domain: leanhminh.shop
domain: loimodaov.site
domain: mailmmo247.online
domain: meowblox.shop
domain: mine4fun.com
domain: minhnhat.site
domain: mizumc.xyz
domain: mnhatshop.site
domain: mriosnhat.io.vn
domain: muahangonline.site
domain: nguyencaohoai.site
domain: ninhioscrack.io.vn
domain: nstore.lol
domain: nvdhax.fun
domain: owensport.site
domain: owmkey.site
domain: quocduy.click
domain: shopaccgame.pro
domain: shopaccrblut.site
domain: shopcloneroblox.store
domain: shopmeomeo.io.vn
domain: shoproblox.site
domain: shopthomoonline.site
domain: shopvailon.click
domain: sieuthibill.online
domain: smmo.com.vn
domain: sublike5s.fun
domain: subrenhat76.io.vn
domain: subs1vip.website
domain: sunnymc.click
domain: taixiuauto.xyz
domain: techgear.fun
domain: tengumod.online
domain: thanhnienthapmuoi.com
domain: thhungmya.site
domain: thuetoolvip.site
domain: thuyquynh.site
domain: tiendeveloper.site
domain: tinophandemo.site
domain: tirusisme.online
domain: tki3t.app
domain: trieuvandung.xyz
domain: tuanminhshop.io.vn
domain: vanquyet.click
domain: vanson.site
domain: vietphuongios.site
domain: vps5s.site
domain: webhayho.io.vn
domain: xclone.site
domain: xnotee.sbs
domain: xtaboydz.io.vn
domain: yellowmc.world
url: https://api.github.com/repos/stamparm/maltrail/commits/4e4b638d38933fbe5673dc6459291b3305bf938c
url: https://app.validin.com/detail?find=v%3Dspf1%20%2Ba%20%2Bmx%20%2Bip4%3A160.191.244.99%20~all&type=raw&ref_id=104126ab34f#tab=dns
url: https://api.github.com/repos/stamparm/maltrail/commits/2547e6b3a56ba40c498e807235a1c37580d4fdb5
domain: dev4.daliajobs.com
domain: forms.dev4.daliajobs.com
domain: nida.trxs32es.dns.navy
domain: nids.trxs34es.dns.navy
domain: nidservers.trxs4es.dns.navy
domain: trxs32es.dns.navy
domain: trxs34es.dns.navy
domain: trxs4es.dns.navy
url: https://api.github.com/repos/stamparm/maltrail/commits/cdc2e1c8361f85637095b014d70e9a881ff147d2
domain: qeoin.com
domain: fileautumncastle.com
domain: filecedarcanvas.com
domain: filemeteorbridge.com
domain: filepinehorizon.com
url: https://api.github.com/repos/stamparm/maltrail/commits/c6b5b1f3bdfb5df06cb1787c4a88dd3bcba6b0e5
ip: 43.204.2.142
ip: 45.225.135.53
url: https://api.github.com/repos/stamparm/maltrail/commits/0bf87d422575387c227ee9558d614829c8675a42
domain: claimfees-pumps.fun
domain: feeback-pumps.fun
domain: losesbacks-pump.fun
domain: pump-streaminghub.fun
url: https://api.github.com/repos/stamparm/maltrail/commits/ae4891d78fa6182621c8798ae996786790cbcbeb
domain: capitalrios.com
domain: cashlatvia.com
domain: dexorith.com
domain: kalosintelligence.com
domain: nexovryn.com
domain: solventas360.com
domain: utahpoolsandspas.com
url: https://api.github.com/repos/stamparm/maltrail/commits/eb5cf4dcf8de5c088415ec4b63674b49e5a95769
domain: awegbe.icu
domain: cdn.oolpae.icu
domain: gabnen.icu
domain: ioaole.icu
domain: iommtt.icu
url: https://api.github.com/repos/stamparm/maltrail/commits/29be1a3eee76881144600765f0820d37d0375b30
domain: coffeefromarabica.monster
domain: equinixad.monster
domain: freecoffee.monster
domain: legalreads.monster
domain: nextpgh3.com
domain: picturequitting.monster
domain: tommysdemons.monster
domain: xcoffeeteaandwatherx.monster
url: https://api.github.com/repos/stamparm/maltrail/commits/e51a0429f8c0478801d520472f9b962c3e49aeb1
domain: blaze-of-glory.top
domain: cash-king-realm.xyz
domain: diamond-thunder.sbs
domain: epic-spin-club.top
domain: fewdumpsjpeg.digital
domain: happy-joy-wave.fun
url: https://api.github.com/repos/stamparm/maltrail/commits/e176252b85ce89f7f45a7b084335ca9ac550e426
domain: norrtheme.com
url: https://api.github.com/repos/stamparm/maltrail/commits/1f757499f02939353fb395eb795e89b52c0122cf
ip: 178.159.43.206
domain: 178.159.43.206.sslip.io
domain: cdn-app-software-3425.tech
domain: cdn-app-software-67423.store
domain: cdn-web-app-10.site
domain: cdn-web-app-10.tech
domain: dash-server2.servertech02.workers.dev
domain: devopstechnologies.site
domain: keystore-explorer.site
domain: moorabanco-ad.com
domain: moraabanco-ad.com
domain: morabanco-ad.com
domain: servertech02.workers.dev
domain: soft-dns-999.tech
domain: soft-dns-999001.store
domain: sys-log-7qw.workers.dev
domain: vm5042999.1nvme.had.wf
domain: white-salad-4c7f.sys-log-7qw.workers.dev
domain: za-serverhub.online
url: https://api.github.com/repos/stamparm/maltrail/commits/f7e83bc415b2488416ea9a15e9a2a065a1d30bc4
domain: 08f0.proxy-edge-c5f.workers.dev
domain: api.rvtoolacs.online
domain: app-server.comof72509.workers.dev
domain: cdn-ae.azureedge.net
domain: comof72509.workers.dev
domain: dev.rvtoolacs.online
domain: fastpanel116864.hostkey.in
domain: sejilod7488888.workers.dev
domain: server-software-cdn.azureedge.net
domain: server-software.azureedge.net
domain: soft-dns.sejilod7488888.workers.dev
domain: za.rvtoolvm.com
url: https://api.github.com/repos/stamparm/maltrail/commits/6480fb0f5a850ec16f0599dea73077df29096798
domain: 1uthid-1fgnow-slte.help
domain: accrepporttcenterr.com
domain: ayenerspoul.com
domain: centralsupportt.com
domain: client-1ufirstsour3cenow-sllte.help
domain: downpadrv.com
domain: gatewayhubservice.com.de
domain: getultraplus.com
domain: micribotv.com
domain: novaswitcher.com
domain: ouser-insurance-panel.com
url: https://api.github.com/repos/stamparm/maltrail/commits/e31d1e91d6c7d5d69b45951ae1ff3f54a85fadde
domain: meet.thefallguy.ir
domain: rich-rush-oasis.click
domain: super-gold-rush.sbs

Maltrail IOC for 2026-06-07

Severity: medium

Type: malware

Maltrail IOC for 2026-06-07

Technical Summary

Potential Impact

Mitigation Recommendations

Indicators of Compromise

url: https://api.github.com/repos/stamparm/maltrail/commits/0bf2998852b72b76d1de88ed5218b6c9fefa0d7d
domain: hdmo.help
url: https://api.github.com/repos/stamparm/maltrail/commits/03a954e271bbeb3da7a65b31d2bd59da18edc625
url: https://www.virustotal.com/gui/ip-address/45.225.135.54/detection
ip: 45.225.135.54
url: https://api.github.com/repos/stamparm/maltrail/commits/7d08ad0007639584c1f52d482f0626636d3956cd
url: https://api.github.com/repos/stamparm/maltrail/commits/720f2a039d29774a21dba4ffd5edc0bfc3f89891
ip: 23.95.162.94
url: https://api.github.com/repos/stamparm/maltrail/commits/05624c660d4b849944ca35e160d5fc2b0566ab3d
url: https://app.validin.com/detail?find=Bank%20iD%20%3D%20va%C5%A1e%20digit%C3%A1ln%C3%AD%20ob%C4%8Danka&type=raw&ref_id=a5f01d37ae2#tab=host_pairs
domain: bankid-cz.run
domain: bankid-cz.top
domain: idbank-cz.run
domain: telegrambot.pw
url: https://api.github.com/repos/stamparm/maltrail/commits/beddef19f2a27a3983e65bdea6d04424a9113dfd
url: https://www.virustotal.com/gui/file/3dc4e6bae0421dbc3bd7c526e0c42e79a396465b2ef9c2c2cac0d59cc1750054/detection
ip: 36.50.135.229
domain: t-mail.click
domain: benstunnel.t-mail.click
domain: wvxx.dpdns.org
domain: xyx.wvxx.dpdns.org
url: https://api.github.com/repos/stamparm/maltrail/commits/77746cef7834503d0c5aeb821eac4f6040b1bc6f
url: https://x.com/smica83/status/2063496293092110394
url: https://tria.ge/260607-gcfy6shv2z/behavioral1
domain: inini.kesug.com
url: https://api.github.com/repos/stamparm/maltrail/commits/d50b275bab9c942d31306ca4afabb7cedc885305
url: https://x.com/rifteyy/status/2063272669806542871
domain: smartcheck214.world
url: https://api.github.com/repos/stamparm/maltrail/commits/400b95c332f38a42cad36dfd80398843078a58c8
domain: accgame1s.shop
domain: acclv8.click
domain: aminbantt.site
domain: aminbantt.xyz
domain: anhtuanios.site
domain: antiddos.space
domain: astshop.io.vn
domain: baokiet.shop
domain: baonongsan.online
domain: bgcloud.online
domain: bgcloud.us.kg
domain: cardgiare.store
domain: catehehe.xyz
domain: cauam.shop
domain: cheatiosvip.io.vn
domain: cheatzvip.io.vn
domain: chungchi247.online
domain: cloneviavipco.click
domain: cmedia.fun
domain: cpmodz.top
domain: datxe247.io.vn
domain: datxelientinh.io.vn
domain: dichvulights.site
domain: dichvunapgame.eu.org
domain: dichvurbl.site
domain: dichvuthueweb.site
domain: dichvuweb.fun
domain: dtmsub8386.click
domain: gdvcshn.site
domain: giadinhxofa.id.vn
domain: heiskso.store
domain: hieutranit.shop
domain: hmcsub.shop
domain: hoangtuananhdev.io.vn
domain: hqstore.site
domain: huydevlor.id.vn
domain: i-99.pro
domain: irismc.asia
domain: kangnahyeok.space
domain: kem1st.xyz
domain: khanhduy.pro
domain: khoapug.xyz
domain: kobtne.site
domain: kyphandev.site
domain: leafaid.org
domain: leanhminh.shop
domain: loimodaov.site
domain: mailmmo247.online
domain: meowblox.shop
domain: mine4fun.com
domain: minhnhat.site
domain: mizumc.xyz
domain: mnhatshop.site
domain: mriosnhat.io.vn
domain: muahangonline.site
domain: nguyencaohoai.site
domain: ninhioscrack.io.vn
domain: nstore.lol
domain: nvdhax.fun
domain: owensport.site
domain: owmkey.site
domain: quocduy.click
domain: shopaccgame.pro
domain: shopaccrblut.site
domain: shopcloneroblox.store
domain: shopmeomeo.io.vn
domain: shoproblox.site
domain: shopthomoonline.site
domain: shopvailon.click
domain: sieuthibill.online
domain: smmo.com.vn
domain: sublike5s.fun
domain: subrenhat76.io.vn
domain: subs1vip.website
domain: sunnymc.click
domain: taixiuauto.xyz
domain: techgear.fun
domain: tengumod.online
domain: thanhnienthapmuoi.com
domain: thhungmya.site
domain: thuetoolvip.site
domain: thuyquynh.site
domain: tiendeveloper.site
domain: tinophandemo.site
domain: tirusisme.online
domain: tki3t.app
domain: trieuvandung.xyz
domain: tuanminhshop.io.vn
domain: vanquyet.click
domain: vanson.site
domain: vietphuongios.site
domain: vps5s.site
domain: webhayho.io.vn
domain: xclone.site
domain: xnotee.sbs
domain: xtaboydz.io.vn
domain: yellowmc.world
url: https://api.github.com/repos/stamparm/maltrail/commits/4e4b638d38933fbe5673dc6459291b3305bf938c
url: https://app.validin.com/detail?find=v%3Dspf1%20%2Ba%20%2Bmx%20%2Bip4%3A160.191.244.99%20~all&type=raw&ref_id=104126ab34f#tab=dns
url: https://api.github.com/repos/stamparm/maltrail/commits/2547e6b3a56ba40c498e807235a1c37580d4fdb5
domain: dev4.daliajobs.com
domain: forms.dev4.daliajobs.com
domain: nida.trxs32es.dns.navy
domain: nids.trxs34es.dns.navy
domain: nidservers.trxs4es.dns.navy
domain: trxs32es.dns.navy
domain: trxs34es.dns.navy
domain: trxs4es.dns.navy
url: https://api.github.com/repos/stamparm/maltrail/commits/cdc2e1c8361f85637095b014d70e9a881ff147d2
domain: qeoin.com
domain: fileautumncastle.com
domain: filecedarcanvas.com
domain: filemeteorbridge.com
domain: filepinehorizon.com
url: https://api.github.com/repos/stamparm/maltrail/commits/c6b5b1f3bdfb5df06cb1787c4a88dd3bcba6b0e5
ip: 43.204.2.142
ip: 45.225.135.53
url: https://api.github.com/repos/stamparm/maltrail/commits/0bf87d422575387c227ee9558d614829c8675a42
domain: claimfees-pumps.fun
domain: feeback-pumps.fun
domain: losesbacks-pump.fun
domain: pump-streaminghub.fun
url: https://api.github.com/repos/stamparm/maltrail/commits/ae4891d78fa6182621c8798ae996786790cbcbeb
domain: capitalrios.com
domain: cashlatvia.com
domain: dexorith.com
domain: kalosintelligence.com
domain: nexovryn.com
domain: solventas360.com
domain: utahpoolsandspas.com
url: https://api.github.com/repos/stamparm/maltrail/commits/eb5cf4dcf8de5c088415ec4b63674b49e5a95769
domain: awegbe.icu
domain: cdn.oolpae.icu
domain: gabnen.icu
domain: ioaole.icu
domain: iommtt.icu
url: https://api.github.com/repos/stamparm/maltrail/commits/29be1a3eee76881144600765f0820d37d0375b30
domain: coffeefromarabica.monster
domain: equinixad.monster
domain: freecoffee.monster
domain: legalreads.monster
domain: nextpgh3.com
domain: picturequitting.monster
domain: tommysdemons.monster
domain: xcoffeeteaandwatherx.monster
url: https://api.github.com/repos/stamparm/maltrail/commits/e51a0429f8c0478801d520472f9b962c3e49aeb1
domain: blaze-of-glory.top
domain: cash-king-realm.xyz
domain: diamond-thunder.sbs
domain: epic-spin-club.top
domain: fewdumpsjpeg.digital
domain: happy-joy-wave.fun
url: https://api.github.com/repos/stamparm/maltrail/commits/e176252b85ce89f7f45a7b084335ca9ac550e426
domain: norrtheme.com
url: https://api.github.com/repos/stamparm/maltrail/commits/1f757499f02939353fb395eb795e89b52c0122cf
ip: 178.159.43.206
domain: 178.159.43.206.sslip.io
domain: cdn-app-software-3425.tech
domain: cdn-app-software-67423.store
domain: cdn-web-app-10.site
domain: cdn-web-app-10.tech
domain: dash-server2.servertech02.workers.dev
domain: devopstechnologies.site
domain: keystore-explorer.site
domain: moorabanco-ad.com
domain: moraabanco-ad.com
domain: morabanco-ad.com
domain: servertech02.workers.dev
domain: soft-dns-999.tech
domain: soft-dns-999001.store
domain: sys-log-7qw.workers.dev
domain: vm5042999.1nvme.had.wf
domain: white-salad-4c7f.sys-log-7qw.workers.dev
domain: za-serverhub.online
url: https://api.github.com/repos/stamparm/maltrail/commits/f7e83bc415b2488416ea9a15e9a2a065a1d30bc4
domain: 08f0.proxy-edge-c5f.workers.dev
domain: api.rvtoolacs.online
domain: app-server.comof72509.workers.dev
domain: cdn-ae.azureedge.net
domain: comof72509.workers.dev
domain: dev.rvtoolacs.online
domain: fastpanel116864.hostkey.in
domain: sejilod7488888.workers.dev
domain: server-software-cdn.azureedge.net
domain: server-software.azureedge.net
domain: soft-dns.sejilod7488888.workers.dev
domain: za.rvtoolvm.com
url: https://api.github.com/repos/stamparm/maltrail/commits/6480fb0f5a850ec16f0599dea73077df29096798
domain: 1uthid-1fgnow-slte.help
domain: accrepporttcenterr.com
domain: ayenerspoul.com
domain: centralsupportt.com
domain: client-1ufirstsour3cenow-sllte.help
domain: downpadrv.com
domain: gatewayhubservice.com.de
domain: getultraplus.com
domain: micribotv.com
domain: novaswitcher.com
domain: ouser-insurance-panel.com
url: https://api.github.com/repos/stamparm/maltrail/commits/e31d1e91d6c7d5d69b45951ae1ff3f54a85fadde
domain: meet.thefallguy.ir
domain: rich-rush-oasis.click
domain: super-gold-rush.sbs

Source: CIRCL OSINT Feed

Published: Sat Jun 06 2026

Maltrail IOC for 2026-06-07

Medium

Malwaretlp:clear malware misp:threat-level="medium-risk"misp:event-type="observation"misp:automation-level="unsupervised"type:osint osint:lifetime="perpetual"osint:source-type="manual-collection"

Published: Sat Jun 06 2026 (06/06/2026, 00:00:00 UTC)

Source: CIRCL OSINT Feed

Description

Maltrail IOC for 2026-06-07

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 06/07/2026, 18:48:25 UTC

Technical Analysis

Potential Impact

Mitigation Recommendations

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Uuid: 04bacec9-88d5-4088-b1ba-f4c581df4bc1
Original Timestamp: 1780855213

Indicators of Compromise

Url

Value	Description	Copy
urlhttps://api.github.com/repos/stamparm/maltrail/commits/0bf2998852b72b76d1de88ed5218b6c9fefa0d7d	android_joker
urlhttps://api.github.com/repos/stamparm/maltrail/commits/03a954e271bbeb3da7a65b31d2bd59da18edc625	sliver
urlhttps://www.virustotal.com/gui/ip-address/45.225.135.54/detection	sliver
urlhttps://api.github.com/repos/stamparm/maltrail/commits/7d08ad0007639584c1f52d482f0626636d3956cd	generic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/720f2a039d29774a21dba4ffd5edc0bfc3f89891	generic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/05624c660d4b849944ca35e160d5fc2b0566ab3d	banload
urlhttps://app.validin.com/detail?find=Bank%20iD%20%3D%20va%C5%A1e%20digit%C3%A1ln%C3%AD%20ob%C4%8Danka&type=raw&ref_id=a5f01d37ae2#tab=host_pairs	banload
urlhttps://api.github.com/repos/stamparm/maltrail/commits/beddef19f2a27a3983e65bdea6d04424a9113dfd	bankerclip
urlhttps://www.virustotal.com/gui/file/3dc4e6bae0421dbc3bd7c526e0c42e79a396465b2ef9c2c2cac0d59cc1750054/detection	bankerclip
urlhttps://api.github.com/repos/stamparm/maltrail/commits/77746cef7834503d0c5aeb821eac4f6040b1bc6f	apt_kimsuky
urlhttps://x.com/smica83/status/2063496293092110394	apt_kimsuky
urlhttps://tria.ge/260607-gcfy6shv2z/behavioral1	apt_kimsuky
urlhttps://api.github.com/repos/stamparm/maltrail/commits/d50b275bab9c942d31306ca4afabb7cedc885305	—
urlhttps://x.com/rifteyy/status/2063272669806542871	—
urlhttps://api.github.com/repos/stamparm/maltrail/commits/400b95c332f38a42cad36dfd80398843078a58c8	—
urlhttps://api.github.com/repos/stamparm/maltrail/commits/4e4b638d38933fbe5673dc6459291b3305bf938c	bankerclip
urlhttps://app.validin.com/detail?find=v%3Dspf1%20%2Ba%20%2Bmx%20%2Bip4%3A160.191.244.99%20~all&type=raw&ref_id=104126ab34f#tab=dns	bankerclip
urlhttps://api.github.com/repos/stamparm/maltrail/commits/2547e6b3a56ba40c498e807235a1c37580d4fdb5	apt_kimsuky
urlhttps://api.github.com/repos/stamparm/maltrail/commits/cdc2e1c8361f85637095b014d70e9a881ff147d2	osx_atomic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/c6b5b1f3bdfb5df06cb1787c4a88dd3bcba6b0e5	generic
urlhttps://api.github.com/repos/stamparm/maltrail/commits/0bf87d422575387c227ee9558d614829c8675a42	osx_nova
urlhttps://api.github.com/repos/stamparm/maltrail/commits/ae4891d78fa6182621c8798ae996786790cbcbeb	apt_unc2465
urlhttps://api.github.com/repos/stamparm/maltrail/commits/eb5cf4dcf8de5c088415ec4b63674b49e5a95769	android_fvncbot
urlhttps://api.github.com/repos/stamparm/maltrail/commits/29be1a3eee76881144600765f0820d37d0375b30	—
urlhttps://api.github.com/repos/stamparm/maltrail/commits/e51a0429f8c0478801d520472f9b962c3e49aeb1	—
urlhttps://api.github.com/repos/stamparm/maltrail/commits/e176252b85ce89f7f45a7b084335ca9ac550e426	tsundere
urlhttps://api.github.com/repos/stamparm/maltrail/commits/1f757499f02939353fb395eb795e89b52c0122cf	apt_unc2465
urlhttps://api.github.com/repos/stamparm/maltrail/commits/f7e83bc415b2488416ea9a15e9a2a065a1d30bc4	apt_unc2465
urlhttps://api.github.com/repos/stamparm/maltrail/commits/6480fb0f5a850ec16f0599dea73077df29096798	—
urlhttps://api.github.com/repos/stamparm/maltrail/commits/e31d1e91d6c7d5d69b45951ae1ff3f54a85fadde	—

Domain

Value	Description	Copy
domainhdmo.help	android_joker
domainbankid-cz.run	banload
domainbankid-cz.top	banload
domainidbank-cz.run	banload
domaintelegrambot.pw	banload
domaint-mail.click	bankerclip
domainbenstunnel.t-mail.click	bankerclip
domainwvxx.dpdns.org	bankerclip
domainxyx.wvxx.dpdns.org	bankerclip
domaininini.kesug.com	apt_kimsuky
domainsmartcheck214.world	—
domainaccgame1s.shop	—
domainacclv8.click	—
domainaminbantt.site	—
domainaminbantt.xyz	—
domainanhtuanios.site	—
domainantiddos.space	—
domainastshop.io.vn	—
domainbaokiet.shop	—
domainbaonongsan.online	—
domainbgcloud.online	—
domainbgcloud.us.kg	—
domaincardgiare.store	—
domaincatehehe.xyz	—
domaincauam.shop	—
domaincheatiosvip.io.vn	—
domaincheatzvip.io.vn	—
domainchungchi247.online	—
domaincloneviavipco.click	—
domaincmedia.fun	—
domaincpmodz.top	—
domaindatxe247.io.vn	—
domaindatxelientinh.io.vn	—
domaindichvulights.site	—
domaindichvunapgame.eu.org	—
domaindichvurbl.site	—
domaindichvuthueweb.site	—
domaindichvuweb.fun	—
domaindtmsub8386.click	—
domaingdvcshn.site	—
domaingiadinhxofa.id.vn	—
domainheiskso.store	—
domainhieutranit.shop	—
domainhmcsub.shop	—
domainhoangtuananhdev.io.vn	—
domainhqstore.site	—
domainhuydevlor.id.vn	—
domaini-99.pro	—
domainirismc.asia	—
domainkangnahyeok.space	—
domainkem1st.xyz	—
domainkhanhduy.pro	—
domainkhoapug.xyz	—
domainkobtne.site	—
domainkyphandev.site	—
domainleafaid.org	—
domainleanhminh.shop	—
domainloimodaov.site	—
domainmailmmo247.online	—
domainmeowblox.shop	—
domainmine4fun.com	—
domainminhnhat.site	—
domainmizumc.xyz	—
domainmnhatshop.site	—
domainmriosnhat.io.vn	—
domainmuahangonline.site	—
domainnguyencaohoai.site	—
domainninhioscrack.io.vn	—
domainnstore.lol	—
domainnvdhax.fun	—
domainowensport.site	—
domainowmkey.site	—
domainquocduy.click	—
domainshopaccgame.pro	—
domainshopaccrblut.site	—
domainshopcloneroblox.store	—
domainshopmeomeo.io.vn	—
domainshoproblox.site	—
domainshopthomoonline.site	—
domainshopvailon.click	—
domainsieuthibill.online	—
domainsmmo.com.vn	—
domainsublike5s.fun	—
domainsubrenhat76.io.vn	—
domainsubs1vip.website	—
domainsunnymc.click	—
domaintaixiuauto.xyz	—
domaintechgear.fun	—
domaintengumod.online	—
domainthanhnienthapmuoi.com	—
domainthhungmya.site	—
domainthuetoolvip.site	—
domainthuyquynh.site	—
domaintiendeveloper.site	—
domaintinophandemo.site	—
domaintirusisme.online	—
domaintki3t.app	—
domaintrieuvandung.xyz	—
domaintuanminhshop.io.vn	—
domainvanquyet.click	—
domainvanson.site	—
domainvietphuongios.site	—
domainvps5s.site	—
domainwebhayho.io.vn	—
domainxclone.site	—
domainxnotee.sbs	—
domainxtaboydz.io.vn	—
domainyellowmc.world	—
domaindev4.daliajobs.com	apt_kimsuky
domainforms.dev4.daliajobs.com	apt_kimsuky
domainnida.trxs32es.dns.navy	apt_kimsuky
domainnids.trxs34es.dns.navy	apt_kimsuky
domainnidservers.trxs4es.dns.navy	apt_kimsuky
domaintrxs32es.dns.navy	apt_kimsuky
domaintrxs34es.dns.navy	apt_kimsuky
domaintrxs4es.dns.navy	apt_kimsuky
domainqeoin.com	osx_atomic
domainfileautumncastle.com	osx_atomic
domainfilecedarcanvas.com	osx_atomic
domainfilemeteorbridge.com	osx_atomic
domainfilepinehorizon.com	osx_atomic
domainclaimfees-pumps.fun	osx_nova
domainfeeback-pumps.fun	osx_nova
domainlosesbacks-pump.fun	osx_nova
domainpump-streaminghub.fun	osx_nova
domaincapitalrios.com	apt_unc2465
domaincashlatvia.com	apt_unc2465
domaindexorith.com	apt_unc2465
domainkalosintelligence.com	apt_unc2465
domainnexovryn.com	apt_unc2465
domainsolventas360.com	apt_unc2465
domainutahpoolsandspas.com	apt_unc2465
domainawegbe.icu	android_fvncbot
domaincdn.oolpae.icu	android_fvncbot
domaingabnen.icu	android_fvncbot
domainioaole.icu	android_fvncbot
domainiommtt.icu	android_fvncbot
domaincoffeefromarabica.monster	—
domainequinixad.monster	—
domainfreecoffee.monster	—
domainlegalreads.monster	—
domainnextpgh3.com	—
domainpicturequitting.monster	—
domaintommysdemons.monster	—
domainxcoffeeteaandwatherx.monster	—
domainblaze-of-glory.top	—
domaincash-king-realm.xyz	—
domaindiamond-thunder.sbs	—
domainepic-spin-club.top	—
domainfewdumpsjpeg.digital	—
domainhappy-joy-wave.fun	—
domainnorrtheme.com	tsundere
domain178.159.43.206.sslip.io	apt_unc2465
domaincdn-app-software-3425.tech	apt_unc2465
domaincdn-app-software-67423.store	apt_unc2465
domaincdn-web-app-10.site	apt_unc2465
domaincdn-web-app-10.tech	apt_unc2465
domaindash-server2.servertech02.workers.dev	apt_unc2465
domaindevopstechnologies.site	apt_unc2465
domainkeystore-explorer.site	apt_unc2465
domainmoorabanco-ad.com	apt_unc2465
domainmoraabanco-ad.com	apt_unc2465
domainmorabanco-ad.com	apt_unc2465
domainservertech02.workers.dev	apt_unc2465
domainsoft-dns-999.tech	apt_unc2465
domainsoft-dns-999001.store	apt_unc2465
domainsys-log-7qw.workers.dev	apt_unc2465
domainvm5042999.1nvme.had.wf	apt_unc2465
domainwhite-salad-4c7f.sys-log-7qw.workers.dev	apt_unc2465
domainza-serverhub.online	apt_unc2465
domain08f0.proxy-edge-c5f.workers.dev	apt_unc2465
domainapi.rvtoolacs.online	apt_unc2465
domainapp-server.comof72509.workers.dev	apt_unc2465
domaincdn-ae.azureedge.net	apt_unc2465
domaincomof72509.workers.dev	apt_unc2465
domaindev.rvtoolacs.online	apt_unc2465
domainfastpanel116864.hostkey.in	apt_unc2465
domainsejilod7488888.workers.dev	apt_unc2465
domainserver-software-cdn.azureedge.net	apt_unc2465
domainserver-software.azureedge.net	apt_unc2465
domainsoft-dns.sejilod7488888.workers.dev	apt_unc2465
domainza.rvtoolvm.com	apt_unc2465
domain1uthid-1fgnow-slte.help	—
domainaccrepporttcenterr.com	—
domainayenerspoul.com	—
domaincentralsupportt.com	—
domainclient-1ufirstsour3cenow-sllte.help	—
domaindownpadrv.com	—
domaingatewayhubservice.com.de	—
domaingetultraplus.com	—
domainmicribotv.com	—
domainnovaswitcher.com	—
domainouser-insurance-panel.com	—
domainmeet.thefallguy.ir	—
domainrich-rush-oasis.click	—
domainsuper-gold-rush.sbs	—

Ip

Value	Description	Copy
ip45.225.135.54	sliver
ip23.95.162.94	generic
ip36.50.135.229	bankerclip
ip43.204.2.142	generic
ip45.225.135.53	generic
ip178.159.43.206	apt_unc2465

Threat ID: 6a25b971e29bf47b5002544e

Added to database: 6/7/2026, 6:33:21 PM

Last enriched: 6/7/2026, 6:48:25 PM

Last updated: 6/8/2026, 4:22:40 AM

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by

Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

External Links

Search on Google

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited

View courses

Maltrail IOC for 2026-06-07

AI Analysis

Technical Summary

Potential Impact

Mitigation Recommendations

Indicators of Compromise

Maltrail IOC for 2026-06-07

Description

AI-Powered Analysis

Technical Analysis

Potential Impact

Mitigation Recommendations

Technical Details

Indicators of Compromise

Url

Domain

Ip

Community Reviews

Actions

External Links

Need more coverage?

Latest Threats

Check if your credentials are on the dark web

Lead Pen Test Professional

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility

Maltrail IOC for 2026-06-07

AI Analysis

Technical Summary

Potential Impact

Mitigation Recommendations

Indicators of Compromise

Maltrail IOC for 2026-06-07

Description

AI-Powered Analysis

Technical Analysis

Potential Impact

Mitigation Recommendations

Technical Details

Indicators of Compromise

Url

Domain

Ip

Community Reviews

Related Threats

ThreatFox IOCs for 2026-06-07

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

ThreatFox IOCs for 2026-06-06

Confirmed Void Dokkaebi infection on macOS — how do I figure out if VS Code Copilot agent was involved in the delivery?

Maltrail IOC for 2026-06-06

Actions

External Links

Need more coverage?

Latest Threats

Check if your credentials are on the dark web

Lead Pen Test Professional

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility