IOC Radar
TLP:WHITE
105 IOCs

Maltrail IOC for 2026-06-11

CIRCL OSINT Feed
Published June 11, 2026

Malware Families

Diamond Model

Axes: social, technology
Adversary: unknown
Infrastructure (6): kh.baehtz-vermessung.…, chadapress.com, 23.27.125.5
Capability (2): Lumma, Vidar
Victim: unknown

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

105 indicators of compromise.


IOC Relationship Graph

105 total IOCs: Domain 46, IP 28, SHA1 25, SHA256 5, URL 1
Malware (2): Lumma, Vidar