APTTrail: APT29 indicators and references

Date: 18 Jun 2026
Actor: apt29
Type: Ioc
Country: United States
Sector: Tech
Confidence: high (100)
Analytical priority: High

Based on actor, country, IOCs, TTPs, leak and quality of context.

30 IOCs
0 TTPs
Actor: apt29
Country: United States
Executive Summary
APTTrail maintains public indicators associated with APT29. Observed aliases: APT29, CloudDuke, CosmicDuke, Cozy Bear, CozyDuke, GeminiDuke, HammerDuke, Midnight Blizzard, MiniDuke, OnionDuke, PinchDuke, SeaDuke. Count by type: domain: 741, file_path: 23, ipv4: 9, url: 71.

Key Points

  • https://app.validin.com/detail?find=151.236.16.138&type=ip4&ref_id=7e3792beeb8#tab=resolutions
  • https://app.validin.com/detail?find=151.236.16.149&type=ip4&ref_id=d53e5a59923#tab=resolutions
  • https://app.validin.com/detail?find=151.236.16.193&type=ip4&ref_id=d53e5a59923#tab=resolutions
  • https://app.validin.com/detail?find=151.236.16.22&type=ip4&ref_id=9a0b40a1dad#tab=resolutions
  • https://app.validin.com/detail?find=151.236.16.220&type=ip4&ref_id=d53e5a59923#tab=resolutions

Indicators of Compromise (IOCs)

Diamond Model

Adversary: apt29
Victim: United States
Capability: Ioc
Infrastructure: 1597ebba.info.gtjas.site, 3bcc1bba.info.gtjas.site, 4freerussia.cloud, 74d6b7b2.app.giftbox4u.com

References and links

  • Actor profile for apt29 on the blog
  • apt29 in IntelTracker
  • IntelTracker URLs: app.validin.com
  • OSINT sources: github.com, raw.githubusercontent.com, app.validin.com
  • APTTrail repository