IOC Radar
TLP:WHITE | 99 IOCs

Maltrail IOC for 2026-06-03

CIRCL OSINT Feed
Published June 3, 2026

Malware Families

Diamond Model

Axes: Social, Technology
Adversary: unknown
Infrastructure (6): leinkideen.com, eddvbaz.icu, nuser-login.nskrm.dyn…
Capability (2): Lumma, PlugX
Victim: unknown

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise: 99


IOC Relationship Graph

99 total IOCs
By type: Domain 70, SHA1 19, IP 7, SHA256 2, URL 1
Malware (2): Lumma, PlugX
Report: Maltrail IOC for 2026-06-0