APTTrail Summary
APTTrail maintains public indicators associated with APT DEATHSTALKER. Observed aliases: APT DEATHSTALKER. Count by type: domain: 167, ipv4: 4, url: 14.
Indicators of Compromise (IOCs)