jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: APT DRAGONOK indicators and references

APTTrail: APT DRAGONOK indicators and references

Ioc 1 min lectura apt-dragonok
Fecha
18 Jun 2026
Actor
apt-dragonok
Tipo
Ioc
Pais
Japan
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

21IOCs
0TTPs
apt-dragonokActor
JapanPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a APT DRAGONOK. Aliases observados: APT DRAGONOK. Conteo por tipo: domain: 14.

Key Points

  • http://www.morphick.com/resources/news/deep-dive-dragonok-rambo-backdoor
  • https://app.any.run/tasks/ceb18346-8e01-4abe-89b9-97b44b14c9a0/
  • https://app.validin.com/detail?find=153.234.67.222&type=ip4&ref_id=d4329fdcf8a#tab=resolutions
  • https://researchcenter.paloaltonetworks.com/2015/04/unit-42-identifies-new-dragonok-backdoor-malware-deployed-against-japanese-targets/
  • https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-operation-quantum-entanglement.pdf

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a APT DRAGONOK. Aliases observados: APT DRAGONOK. Conteo por tipo: domain: 14.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domainbbs.donkeyhaws.infoAPTTrail
Domainbiosnews.infoAPTTrail
Domainbusserh.mancely.comAPTTrail
Domaindonkeyhaws.infoAPTTrail
Domainghostale.comAPTTrail
Domainhttp.donkeyhaws.infoAPTTrail
Domainhttps.osakaintec.comAPTTrail
Domainjpaols.comAPTTrail
Domainmoafee.comAPTTrail
Domainndbssh.comAPTTrail
Domainphp.marbletemps.comAPTTrail
Domainpktmedia.comAPTTrail
Domainskyppee.comAPTTrail
Domainycbackap.comAPTTrail

Referencias

Diamond Model

Adversary
apt-dragonok
Ver perfil →
Victim
APTTrail: APT DRAGONOK indicators and references
Japan
Capability
Ioc
Infrastructure
bbs.donkeyhaws.info
biosnews.info
busserh.mancely.com
donkeyhaws.info

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

16 enlaces
Domain
www.fireeye.com
IOC compartido
Domain
app.validin.com
IOC compartido
Domain
app.any.run
IOC compartido
Domain
researchcenter.paloaltonetworks.com
IOC compartido
IntelTracker / OSINT link
www.morphick.com
apt-dragonok
enlace asociado al actor
IntelTracker / OSINT link
app.any.run
apt-dragonok
enlace asociado al actor
IntelTracker / OSINT link
app.validin.com
apt-dragonok
enlace asociado al actor
IntelTracker / OSINT link
researchcenter.paloaltonetworks.com
apt-dragonok
enlace asociado al actor
IntelTracker / OSINT link
www.fireeye.com
apt-dragonok
enlace asociado al actor
IntelTracker / OSINT link
www.lac.co.jp
apt-dragonok
enlace asociado al actor
IntelTracker / OSINT link
github.com
apt-dragonok
enlace asociado al actor
IntelTracker / OSINT link
raw.githubusercontent.com
apt-dragonok
enlace asociado al actor
Nodo actual
APTTrail: APT DRAGONOK indicators and references
apt-dragonok · Japan
Victima
APTTrail: APT REAPER indicators and references
researchcenter.paloaltonetworks.com www.fireeye.com
IOC compartido
Victima
APTTrail: apt-c-12 indicators and references
www.fireeye.com
IOC compartido
Victima
APTTrail: APT 18 indicators and references
www.fireeye.com
IOC compartido
Victima
APTTrail: apt-c-48 indicators and references
app.validin.com
IOC compartido
Victima
APTTrail: apt-c-60 indicators and references
app.validin.com
IOC compartido
Victima
APTTrail: APT DOCLESS indicators and references
app.any.run
IOC compartido
Victima
APTTrail: BlackGuard indicators and references
app.validin.com
IOC compartido
Victima
APTTrail: Bronze Highland indicators and references
app.any.run
IOC compartido

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain bbs.donkeyhaws.info APTTrail VT OffSec SOCRadar
Domain biosnews.info APTTrail VT OffSec SOCRadar
Domain busserh.mancely.com APTTrail VT OffSec SOCRadar
Domain donkeyhaws.info APTTrail VT OffSec SOCRadar
Domain ghostale.com APTTrail VT OffSec SOCRadar
Domain http.donkeyhaws.info APTTrail VT OffSec SOCRadar
Domain https.osakaintec.com APTTrail VT OffSec SOCRadar
Domain jpaols.com APTTrail VT OffSec SOCRadar
Domain moafee.com APTTrail VT OffSec SOCRadar
Domain ndbssh.com APTTrail VT OffSec SOCRadar
Domain php.marbletemps.com APTTrail VT OffSec SOCRadar
Domain pktmedia.com APTTrail VT OffSec SOCRadar
Domain skyppee.com APTTrail VT OffSec SOCRadar
Domain ycbackap.com APTTrail VT OffSec SOCRadar
IP 153.234.67.222 Extraido del contenido VT OffSec SOCRadar
Domain www.morphick.com Extraido del contenido VT OffSec SOCRadar
Domain app.any.run Extraido del contenido VT OffSec SOCRadar
Domain app.validin.com Extraido del contenido VT OffSec SOCRadar
Domain researchcenter.paloaltonetworks.com Extraido del contenido VT OffSec SOCRadar
Domain www.fireeye.com Extraido del contenido VT OffSec SOCRadar
Domain www.lac.co.jp Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor apt-dragonok en el blog → Ver apt-dragonok en IntelTracker → URL IntelTracker: www.morphick.com→ URL IntelTracker: app.any.run→ URL IntelTracker: app.validin.com→ URL IntelTracker: researchcenter.paloaltonetworks.com→ URL IntelTracker: www.fireeye.com→ URL IntelTracker: www.lac.co.jp → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: www.morphick.com→ Fuente OSINT: app.any.run→ Fuente OSINT: app.validin.com→ Fuente OSINT: researchcenter.paloaltonetworks.com → Buscar apt-dragonok en APTTrail → Repositorio APTTrail → Mas incidentes en Japan → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

Suǭrez&Clavera18 Jun 2026 · gunra MHE9 Logstica Ltda18 Jun 2026 · gunra Misericrdia de Santo Tirso18 Jun 2026 · qilin Direǜo Estacionamentos S.A.18 Jun 2026 · deadlock Br Cargolift Polska Sp. z o.o.18 Jun 2026 · deadlock www.someco.com18 Jun 2026 · lynx www.eastersealsia.org18 Jun 2026 · lynx Vera Chimie Management18 Jun 2026 · the-gentlemen