APTTrail: actinium indicators and references

Date: 18 Jun 2026
Actor: actinium
Type: Ioc
Country: Unknown
Sector: -
Confidence: high, 100
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

30 IOCs
0 TTPs
Actor: actinium
Country: Unknown
Executive Summary
APTTrail maintains public indicators associated with actinium. Observed aliases: actinium, apt-c-53, armageddon, bluealpha, gammadrop, gammaload, glowsand, glowspark, hive0051, primitive bear, pterodo, shuckworm. Count by type: domain: 50455, file_path: 1130, ipv4: 28, url: 208.

Key Points

  • http://lists.emergingthreats.net/pipermail/emerging-sigs/2021-November/030492.html
  • http://researchcenter.paloaltonetworks.com/2017/02/unit-42-title-gamaredon-group-toolset-evolution/
  • https://aaqeel01.wordpress.com/2021/01/18/docx-files-template-injection/
  • https://app.any.run/tasks/008c9df0-96b2-4616-9b75-d6a95ee74457/
  • https://app.any.run/tasks/17575220-f087-4baa-bc96-3d9bdb0f10ed/

Indicators of Compromise (IOCs)


Diamond Model

Adversary: actinium
Victim: APTTrail: actinium indicators and references
Capability: Ioc
Infrastructure:
0.elitoras.ru
0.hustorla.ru
001912184.retarus.ru
02.belkort.ru

References and links

  • IntelTracker URLs: lists.emergingthreats.net, researchcenter.paloaltonetworks.com, aaqeel01.wordpress.com, app.any.run, app.any.run, app.any.run
  • OSINT sources: github.com, raw.githubusercontent.com, lists.emergingthreats.net, researchcenter.paloaltonetworks.com, aaqeel01.wordpress.com, app.any.run