APTTrail: APT REAPER indicators and references

Date: 18 Jun 2026
Actor: apt-reaper
Type: Ioc
Country: Unknown
Sector: -
Confidence: high (100)
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

IOCs: 27
TTPs: 0
Actor: apt-reaper
Country: Unknown

Executive Summary
APTTrail maintains public indicators associated with APT REAPER. Observed aliases: APT REAPER. Count by type: domain: 19, file_path: 1.

Key Points

  • https://blog.talosintelligence.com/2018/04/fake-av-investigation-unearths-kevdroid.html
  • https://github.com/Cisco-Talos/IOCs/blob/main/2023/11/new-sugargh0st-rat.txt
  • https://github.com/Cisco-Talos/IOCs/blob/main/2024/06/sneakychef-sugargh0st-rat.txt
  • https://researchcenter.paloaltonetworks.com/2018/04/unit42-reaper-groups-updated-mobile-arsenal/
  • https://twitter.com/QW5kcmV3/status/1033495729258606597

Diamond Model

Adversary: apt-reaper
Victim: APTTrail: APT REAPER indicators and references
Capability: Ioc
Infrastructure:
account.drive-google-com.tk
account.gommask.online
accounts-youtube.drive-google-com.tk
anyportals.com

Indicators of Compromise (IOCs)

