{ "Event": { "analysis": "1", "date": "2026-06-11", "extends_uuid": "", "info": "Maltrail IOC for 2026-06-12", "publish_timestamp": "1781258402", "published": true, "threat_level_id": "2", "timestamp": "1781254806", "uuid": "e8a02fe5-ac04-48dc-b71a-47e2f557780c", "Orgc": { "name": "Krawczyk Industries Limited", "uuid": "593e9fc8-be28-4cb2-a79b-43f8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#d6f264", "local": false, "name": "MALWARE", "relationship_type": "" }, { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#00ce5f", "local": false, "name": "misp:event-type=\"observation\"", "relationship_type": "" }, { "colour": "#009042", "local": false, "name": "misp:automation-level=\"unsupervised\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#0071c3", "local": false, "name": "osint:lifetime=\"perpetual\"", "relationship_type": "" }, { "colour": "#0064ac", "local": false, "name": "osint:source-type=\"manual-collection\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "android_fvncbot", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:03+00:00", "timestamp": "1781251204", "to_ids": false, "type": "url", "uuid": "37b1f85e-1c3f-46eb-a286-ffca5eca9bad", "value": "https://api.github.com/repos/stamparm/maltrail/commits/df9559fa45bedaa57b8575f79d85ebe255a40115", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "android_fvncbot", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:04+00:00", "timestamp": "1781251205", "to_ids": true, "type": "domain", "uuid": "f1d675d8-229a-4d7b-8384-41799c3b7941", "value": "easycopy-api.hirolab.space", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "android_fvncbot", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:05+00:00", "timestamp": "1781251205", "to_ids": true, "type": "domain", "uuid": "97a1d3d6-69b9-4513-aa52-4996353894d7", "value": "node.mboto.my.id", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "sectoprat", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:05+00:00", "timestamp": "1781251205", "to_ids": false, "type": "url", "uuid": "cb0af1c0-42d4-451e-98da-a669486e5c50", "value": "https://api.github.com/repos/stamparm/maltrail/commits/4a007afb5b29aa636e8c2838514a68781f02dc96", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "sectoprat", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:05+00:00", "timestamp": "1781251206", "to_ids": true, "type": "ip-dst", "uuid": "7706156f-e079-4281-8e78-805d816358bb", "value": "212.43.159.144", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "cyberstrikeai", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:06+00:00", "timestamp": "1781251206", "to_ids": false, "type": "url", "uuid": "29498973-e820-4b38-9a44-c8ffd626572e", "value": "https://api.github.com/repos/stamparm/maltrail/commits/b3e62e2d923ca350dadf3a2f55bf247c1b10bf06", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "cyberstrikeai", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:06+00:00", "timestamp": "1781251206", "to_ids": true, "type": "ip-dst", "uuid": "a36fc529-517f-4f32-a094-c6532f1e801f", "value": "104.21.20.107", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "cyberstrikeai", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:06+00:00", "timestamp": "1781251206", "to_ids": true, "type": "ip-dst", "uuid": "09fbdb18-cb53-40b4-9c5d-647e4f8fd85c", "value": "111.228.62.208", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "cyberstrikeai", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:06+00:00", "timestamp": "1781251207", "to_ids": true, "type": "ip-dst", "uuid": "25416364-31f8-40c4-8760-b08bcd4f065b", "value": "213.152.183.94", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "cyberstrikeai", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:07+00:00", "timestamp": "1781251207", "to_ids": true, "type": "ip-dst", "uuid": "45c740c8-a5e5-4ed7-ba30-494facdb8a33", "value": "54.90.231.197", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "cyberstrikeai", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T08:00:07+00:00", "timestamp": "1781251207", "to_ids": true, "type": "domain", "uuid": "5d5aa515-644a-4ecc-b8fd-da7c01b93a01", "value": "strike.sirclab.com", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:03+00:00", "timestamp": "1781254803", "to_ids": false, "type": "url", "uuid": "a3596aeb-2562-4252-9c57-2a563c4a7ca9", "value": "https://api.github.com/repos/stamparm/maltrail/commits/26c03ca08f337ffffcdec59d5a181a13fcfb0876", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:03+00:00", "timestamp": "1781254803", "to_ids": true, "type": "domain", "uuid": "8808e226-e8c2-4769-a720-2f04a6a33e67", "value": "ercmload15nd.dynv6.net", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:03+00:00", "timestamp": "1781254804", "to_ids": true, "type": "domain", "uuid": "be1e2457-fcda-42c4-81d4-46add5cd39e4", "value": "ipsedcis.dynu.org", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:04+00:00", "timestamp": "1781254804", "to_ids": true, "type": "domain", "uuid": "47ee46af-e38e-43ad-9a07-8a8e06ea4ed7", "value": "ipsedois.dynu.org", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:04+00:00", "timestamp": "1781254804", "to_ids": true, "type": "domain", "uuid": "0aa691fe-d2be-4f19-b20b-7f7da8ff938e", "value": "mxot35us.dns.navy", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:04+00:00", "timestamp": "1781254804", "to_ids": true, "type": "domain", "uuid": "3cef5fd1-32d3-4450-bc04-f8c667f601d4", "value": "nid-naverlvb.servepics.com", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:04+00:00", "timestamp": "1781254804", "to_ids": true, "type": "domain", "uuid": "3b9a4e0f-7e60-42f2-be03-42ad31d6884c", "value": "nid-navervmt.servemp3.com", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:04+00:00", "timestamp": "1781254804", "to_ids": true, "type": "domain", "uuid": "6b955398-a6cb-4825-b6f1-cf2413f40b70", "value": "nid-naverzlx.servegame.com", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:04+00:00", "timestamp": "1781254805", "to_ids": true, "type": "domain", "uuid": "b45717eb-fe91-490c-9d02-0d4e8f1824c5", "value": "noreplyaccou.dynv6.net", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:05+00:00", "timestamp": "1781254805", "to_ids": true, "type": "domain", "uuid": "5ac80ebf-44d2-4b61-9463-2ba96fe4a29a", "value": "sec-passe.dynv6.net", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "apt_kimsuky", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:05+00:00", "timestamp": "1781254805", "to_ids": true, "type": "domain", "uuid": "689856b3-c6df-4116-922d-a0f3778cb9e5", "value": "zonetaxload92nd.dynv6.net", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "hacked_npmrepos", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:05+00:00", "timestamp": "1781254805", "to_ids": false, "type": "url", "uuid": "3134ea30-244f-44c0-b43b-1cb6455890cc", "value": "https://api.github.com/repos/stamparm/maltrail/commits/20873dd0475c86a773640886c6e3f71145f8efec", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "hacked_npmrepos", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:05+00:00", "timestamp": "1781254805", "to_ids": false, "type": "url", "uuid": "95f67a85-fa61-4e73-99e6-70b8bf0e2153", "value": "https://x.com/KirkDerpca/status/2065225499643654213", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "hacked_npmrepos", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:05+00:00", "timestamp": "1781254805", "to_ids": true, "type": "ip-dst", "uuid": "5bcc19d0-242e-41dc-a0bc-4415c9f6f876", "value": "154.57.164.71", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "offloader", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:05+00:00", "timestamp": "1781254805", "to_ids": false, "type": "url", "uuid": "e458fcb0-c85f-4a2c-b0c0-c884e4073ada", "value": "https://api.github.com/repos/stamparm/maltrail/commits/7e4218427e0dc7caa6399d22447807ea162598e1", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "offloader", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:06+00:00", "timestamp": "1781254806", "to_ids": true, "type": "domain", "uuid": "5da66c4e-e241-47da-b8d0-790b906704ac", "value": "drinkappliance.cfd", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "offloader", "deleted": false, "disable_correlation": false, "last_seen": "2026-06-12T09:00:06+00:00", "timestamp": "1781254806", "to_ids": true, "type": "domain", "uuid": "595de0c5-967b-4957-bcd7-4c7df22f144d", "value": "proseshake.space", "Tag": [ { "colour": "#00833c", "local": false, "name": "misp:threat-level=\"medium-risk\"", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" } ] } ] } }