APTTrail: APT BLACKTECH indicators and references

Date: 18 Jun 2026
Actor: apt-blacktech
Type: Ioc
Country: China
Sector: -
Confidence: high (100)
Analytical priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

30 IOCs
0 TTPs
Executive Summary
APTTrail maintains public indicators associated with APT BLACKTECH. Observed aliases: APT BLACKTECH. Count by type: domain: 45, file_path: 2, ipv4: 5, url: 3.

Key Points

  • https://app.validin.com/detail?find=212.115.54.194&type=ip4&ref_id=fd9bbd3c264#tab=resolutions (# 2025-03-01)
  • https://blog.jpcert.or.jp/2018/06/plead-downloader-used-by-blacktech.html
  • https://dmpdump.github.io/posts/Kivars/
  • https://insight-jp.nttsecurity.com/post/102h7vx/blacktechflagpro (Japanese)
  • https://otx.alienvault.com/pulse/5db0438c08e53c4d7931e3f4


Indicators of Compromise (IOCs)


Diamond Model

Adversary: apt-blacktech
Victim: APTTrail: APT BLACKTECH indicators and references; China
Capability: Ioc
Infrastructure:
activate.linkblackclover.com
adobeupdate.serveusers.com
amazon.panasocin.com
centos.onthewifi.com
