APTTrail: apt19 indicators and references

Date: 18 Jun 2026
Actor: apt19
Type: Ioc
Country: United States
Sector: Tech
Confidence: high, 100
Analytical priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

IOCs: 30
TTPs: 0
Actor: apt19
Country: United States
Executive Summary
APTTrail maintains public indicators associated with apt19. Observed aliases: apt19, c0d0so0, codoso, codoso team, deep panda, sunshop group. Count by type: domain: 57, file_path: 1, ipv4: 2, url: 8.

Key Points

  • https://attack.mitre.org/wiki/Group/G0009
  • https://cybergeeks.tech/analyzing-apt19-malware-using-a-step-by-step-method/
  • https://krebsonsecurity.com/wp-content/uploads/2015/02/FBI-Flash-Warning-Deep-Panda.pdf
  • https://otx.alienvault.com/pulse/6245655996f5a1a01e2b5d94
  • https://otx.alienvault.com/pulse/62b5767285717d7d3a45b2b8

Indicators of Compromise (IOCs)

Diamond Model

Adversary: apt19
Victim: APTTrail: apt19 indicators and references, United States
Capability: Ioc
Infrastructure:
EmpireB1ue.com
ameteksen.com
asconline.we11point.com
assso.net
