APTTrail: APT PKPLUG indicators and references

Date
18 Jun 2026
Actor
apt-pkplug
Type
Ioc
Country
Unknown
Sector
Government
Confidence
high
100
Analytic priority
High

Based on actor, country, IOCs, TTPs, leak, and context quality.

IOCs: 30
TTPs: 0
Actor: apt-pkplug
Country: Unknown
Executive Summary
APTTrail maintains public indicators associated with APT PKPLUG. Observed aliases: APT PKPLUG. Count by type: domain: 58.

Key Points

  • https://community.emergingthreats.net/t/ruleset-update-summary-2023-09-22-v10423/980
  • https://otx.alienvault.com/pulse/6511d6fd63ecbfd938c3580f
  • https://pan-unit42.github.io/playbook_viewer/?pb=pkplug
  • https://unit42.paloaltonetworks.com/pkplug_chinese_cyber_espionage_group_attacking_asia/
  • https://unit42.paloaltonetworks.com/stately-taurus-attacks-se-asian-government/

Indicators of Compromise (IOCs)

References

Diamond Model

Adversary
apt-pkplug
Victim
APTTrail: APT PKPLUG indicators and references
Capability
Ioc
Infrastructure
3w.tcpdo.net
admin.nslookupdns.com
adminloader.com
adminsysteminfo.com
