APTTrail Summary
APTTrail maintains public indicators associated with bigpretzel. Observed aliases: bigpretzel, graphite spyware. Count by type: domain: 18, ipv4: 17.
Indicators of Compromise (IOCs)
References
- https://app.validin.com/detail?find=%2FO%3Dnetwork39managment%2FCN%3Dgreenad&type=raw&ref_id=92a69af4516#tab=host_pairs (# 2025-06-13)
- https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/
- https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/ (# bigpretzel)
- https://search.censys.io/hosts/178.237.39.204
- https://x.com/blackorbird/status/1933368441433698638