APTTrail: APT COLDWASTREL indicators and references

Date: 18 Jun 2026
Actor: apt-coldwastrel
Type: Ioc
Country: Russia
Sector: -
Confidence: high (100)
Analytical priority: High

Based on actor, country, IOCs, TTPs, leak data and quality of context.

30 IOCs
1 TTPs
Actor: apt-coldwastrel
Country: Russia
Executive Summary
APTTrail maintains public indicators associated with APT COLDWASTREL. Observed aliases: APT COLDWASTREL. Count by type: domain: 105.

Key Points

  • https://app.validin.com/detail?find=38.180.18.59&type=ip4&ref_id=3160b1058e5#tab=resolutions
  • https://app.validin.com/detail?type=ip&find=38.180.87.136#tab=resolutions
  • https://citizenlab.ca/2024/08/sophisticated-phishing-targets-russias-perceived-enemies-around-the-globe/
  • https://en.fofa.info/result?qbase64=aGVhZGVyX2hhc2g9Ii0xNjkyOTY3NzM4IiAmJiBzZXJ2ZXI9PSJuZ2lueC8xLjE4LjAiICYmIGFzbj0iMjA2ODA0Ig%3D%3D
  • https://en.fofa.info/result?qbase64=aGVhZGVyX2hhc2g9IjY1ODMyNjkwMSIgJiYgamFybT0iMjdkNDBkNDBkMDAwNDBkMDAwNDJkNDNkMDAwMDAwNGFjMjRlNzdkNzY2NDY4NjdmMGY2YTBjNmQ5YjliYjAiICYmIHNlcnZlcj09Im5naW54LzEuMTguMCIgJiYgaXA9IjM4LjE4MC44Ni44Ny8xNiI%3D

Indicators of Compromise (IOCs)

Type   Value                                               Context
Domain account-api.cloudstorageservice.online              APTTrail
Domain account-api.onlinestorageroute.space                APTTrail
Domain account-api.protondrive.online                      APTTrail
Domain account.email-pm.me                                 APTTrail
Domain account.onlinestorageroute.space                    APTTrail
Domain account.open-button.com                             APTTrail
Domain account.proton-drive.me                             APTTrail
Domain account.proton-service.services                     APTTrail
Domain account.proton-verify.me                            APTTrail
Domain account.proton.shared-urls.me                       APTTrail
Domain account.protondrive.cloud                           APTTrail
Domain account.protondrive.online                          APTTrail
Domain account.protondrive.onlinestorageroute.space        APTTrail
Domain account.protondrive.services                        APTTrail
Domain account.secure-pm.me                                APTTrail
Domain account.service-pm.me                               APTTrail
Domain account.service-proton.com                          APTTrail
Domain account.service-proton.me                           APTTrail
Domain account.services-proton.me                          APTTrail
Domain accounts-proton.me                                  APTTrail
Domain accounts.support-ukr.net                            APTTrail
Domain center-facebook.com                                 APTTrail
Domain civic-synergy.online                                APTTrail
Domain cloudstorageservice.online                          APTTrail
Domain decryptor.me                                        APTTrail
Domain desktop-facebook.com                                APTTrail
Domain document-decryption.me                              APTTrail
Domain drive-proton.com                                    APTTrail
Domain drive.link-pm.me                                    APTTrail
Domain drive.proton-verify.me                              APTTrail

Diamond Model

Adversary: apt-coldwastrel
Victim: Russia
Capability: Ioc; 1 TTPs (MITRE)
Infrastructure:
  account-api.cloudstorageservice.online
  account-api.onlinestorageroute.space
  account-api.protondrive.online
  account.email-pm.me

References and links

Actor profile: apt-coldwastrel (APTTrail blog, IntelTracker)
IntelTracker URLs: app.validin.com, citizenlab.ca, en.fofa.info, search.censys.io
OSINT sources: github.com, raw.githubusercontent.com, app.validin.com, citizenlab.ca, en.fofa.info