jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: apt-c-50 indicators and references

APTTrail: apt-c-50 indicators and references

Ioc 2 min lectura apt-c-50
Fecha
18 Jun 2026
Actor
apt-c-50
Tipo
Ioc
Pais
United States
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

30IOCs
0TTPs
apt-c-50Actor
United StatesPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a apt-c-50. Aliases observados: apt-c-50. Conteo por tipo: domain: 23, file_path: 13, ipv4: 1, url: 5.

Key Points

  • https://github.com/ti-research-io/ti/blob/main/ioc_extender/ET_Lazarus.json
  • https://mp.weixin.qq.com/s/yaLC8gs-U92X6WnYzuuQ7w
  • https://otx.alienvault.com/pulse/5d9db01cc5328d4649e0594c
  • https://research.checkpoint.com/domestic-kitten-an-iranian-surveillance-operation/
  • https://twitter.com/blackorbird/status/1181868468620017665 (# Cyrus Attack)

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a apt-c-50. Aliases observados: apt-c-50. Conteo por tipo: domain: 23, file_path: 13, ipv4: 1, url: 5.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domainandroidsecurityupdate.comAPTTrail
Domainandroidsystemsupdate.comAPTTrail
Domainandroidsystemswebview.comAPTTrail
Domainappsoftupdate.comAPTTrail
Domainarzdigitals.comAPTTrail
Domainfirmwaresystemupdate.comAPTTrail
Domaingeorgethompson.spaceAPTTrail
Domaingoogleassisstants.comAPTTrail
Domaingoogleservicesforar.comAPTTrail
Domaingoogleupdateservicese.comAPTTrail
Domaingooglextabv.comAPTTrail
Domainlohefeshordeh.netAPTTrail
Domainnewportschoolupdateserver.comAPTTrail
Domainns1.googleassisstants.comAPTTrail
Domainns2.googleassisstants.comAPTTrail
Domainpadre914.comAPTTrail
Domainronaldlubbers.siteAPTTrail
Domainsarayemaghale.hami24.netAPTTrail
Domainstevenwentz.comAPTTrail
Domainsystemdriverupdate.comAPTTrail
Domainychatonline.netAPTTrail
Domainydownyload.netAPTTrail
Domainynewnow.netAPTTrail
FILE_PATH/farahv2.apkAPTTrail
FILE_PATH/hass/answer.phpAPTTrail
FILE_PATH/hass/get-function.phpAPTTrail
FILE_PATH/hass/upload-log.phpAPTTrail
FILE_PATH/mmh/gt-func.phpAPTTrail
FILE_PATH/mmh/lg-upld.phpAPTTrail
FILE_PATH/mmh/on-answ.phpAPTTrail

Referencias

Diamond Model

Adversary
apt-c-50
Ver perfil →
Victim
APTTrail: apt-c-50 indicators and references
United States
Capability
Ioc
Infrastructure
androidsecurityupdate.com
androidsystemsupdate.com
androidsystemswebview.com
appsoftupdate.com

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain androidsecurityupdate.com APTTrail VT OffSec SOCRadar
Domain androidsystemsupdate.com APTTrail VT OffSec SOCRadar
Domain androidsystemswebview.com APTTrail VT OffSec SOCRadar
Domain appsoftupdate.com APTTrail VT OffSec SOCRadar
Domain arzdigitals.com APTTrail VT OffSec SOCRadar
Domain firmwaresystemupdate.com APTTrail VT OffSec SOCRadar
Domain georgethompson.space APTTrail VT OffSec SOCRadar
Domain googleassisstants.com APTTrail VT OffSec SOCRadar
Domain googleservicesforar.com APTTrail VT OffSec SOCRadar
Domain googleupdateservicese.com APTTrail VT OffSec SOCRadar
Domain googlextabv.com APTTrail VT OffSec SOCRadar
Domain lohefeshordeh.net APTTrail VT OffSec SOCRadar
Domain newportschoolupdateserver.com APTTrail VT OffSec SOCRadar
Domain ns1.googleassisstants.com APTTrail VT OffSec SOCRadar
Domain ns2.googleassisstants.com APTTrail VT OffSec SOCRadar
Domain padre914.com APTTrail VT OffSec SOCRadar
Domain ronaldlubbers.site APTTrail VT OffSec SOCRadar
Domain sarayemaghale.hami24.net APTTrail VT OffSec SOCRadar
Domain stevenwentz.com APTTrail VT OffSec SOCRadar
Domain systemdriverupdate.com APTTrail VT OffSec SOCRadar
Domain ychatonline.net APTTrail VT OffSec SOCRadar
Domain ydownyload.net APTTrail VT OffSec SOCRadar
Domain ynewnow.net APTTrail VT OffSec SOCRadar
FILE_PATH /farahv2.apk APTTrail VT OffSec SOCRadar
FILE_PATH /hass/answer.php APTTrail VT OffSec SOCRadar
FILE_PATH /hass/get-function.php APTTrail VT OffSec SOCRadar
FILE_PATH /hass/upload-log.php APTTrail VT OffSec SOCRadar
FILE_PATH /mmh/gt-func.php APTTrail VT OffSec SOCRadar
FILE_PATH /mmh/lg-upld.php APTTrail VT OffSec SOCRadar
FILE_PATH /mmh/on-answ.php APTTrail VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor apt-c-50 en el blog → Ver apt-c-50 en IntelTracker → URL IntelTracker: github.com→ URL IntelTracker: mp.weixin.qq.com→ URL IntelTracker: otx.alienvault.com→ URL IntelTracker: research.checkpoint.com→ URL IntelTracker: twitter.com→ URL IntelTracker: twitter.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: github.com→ Fuente OSINT: mp.weixin.qq.com→ Fuente OSINT: otx.alienvault.com→ Fuente OSINT: research.checkpoint.com → Buscar apt-c-50 en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

Suǭrez&Clavera18 Jun 2026 · gunra MHE9 Logstica Ltda18 Jun 2026 · gunra Misericrdia de Santo Tirso18 Jun 2026 · qilin Direǜo Estacionamentos S.A.18 Jun 2026 · deadlock Br Cargolift Polska Sp. z o.o.18 Jun 2026 · deadlock www.someco.com18 Jun 2026 · lynx www.eastersealsia.org18 Jun 2026 · lynx Vera Chimie Management18 Jun 2026 · the-gentlemen