APTTrail Summary
APTTrail maintains public indicators associated with APT NEWSPENGUIN. Observed aliases: APT NEWSPENGUIN. Count by type: domain: 3.
Indicators of Compromise (IOCs)
| Type | Value | Context |
|---|---|---|
| Domain | updates.win32.live | APTTrail |
| Domain | win32.live | APTTrail |
| Domain | windowsupdates.shop | APTTrail |
References
- https://blogs.blackberry.com/en/2023/02/newspenguin-a-previously-unknown-threat-actor-targets-pakistan-with-advanced-espionage-tool
- https://twitter.com/__0XYC__/status/1617408058573094914
- https://twitter.com/dimitribest/status/1623648275134914562
- https://twitter.com/doc_guard/status/1617483771275784192
- https://www.virustotal.com/gui/file/80326b1e151e8348307114c8115e275c2fd63f0d2eb1dfacb6eca9840cf98525/detection
- https://www.virustotal.com/gui/ip-address/185.198.59.109/relations
- https://www.virustotal.com/gui/ip-address/51.222.103.8/relations