jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: Bronze Highland indicators and references

APTTrail: Bronze Highland indicators and references

Ioc 1 min lectura bronze-highland
Fecha
18 Jun 2026
Actor
bronze-highland
Tipo
Ioc
Pais
India
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

21IOCs
0TTPs
bronze-highlandActor
IndiaPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a Bronze Highland. Aliases observados: Bronze Highland, Daggerfly. Conteo por tipo: domain: 3, ipv4: 11.

Key Points

  • https://app.any.run/tasks/e5ad4dd0-32f7-45a6-8012-44711ed04f0e/
  • https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware/
  • https://otx.alienvault.com/pulse/5f170c74a81587f5b2b6be5f
  • https://symantec-enterprise-blogs.security.com/threat-intelligence/daggerfly-espionage-updated-toolset
  • https://twitter.com/h2jazi/status/1296919948598673409

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a Bronze Highland. Aliases observados: Bronze Highland, Daggerfly. Conteo por tipo: domain: 3, ipv4: 11.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domainflash.governmentmm.comAPTTrail
Domaingovernmentmm.comAPTTrail
Domainupdate.devicebug.comAPTTrail
IP103.96.128.44:10001APTTrail
IP103.96.128.44:16564APTTrail
IP103.96.131.150:19876APTTrail
IP103.96.131.150:40020APTTrail
IP122.10.89.170:9552APTTrail
IP122.10.89.172:10560APTTrail
IP223.165.4.175:81APTTrail
IP45.125.64.200:33200APTTrail
IP45.125.64.200:33220APTTrail
IP45.125.64.200:33223APTTrail
IP45.77.140.81:81APTTrail

Referencias

Diamond Model

Adversary
bronze-highland
Ver perfil →
Victim
APTTrail: Bronze Highland indicators and references
India
Capability
Ioc
Infrastructure
flash.governmentmm.com
governmentmm.com
update.devicebug.com
103.96.128.44:10001

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

16 enlaces
Domain
otx.alienvault.com
IOC compartido
Domain
twitter.com
IOC compartido
Domain
www.virustotal.com
IOC compartido
Domain
symantec-enterprise-blogs.security.com
IOC compartido
Domain
app.any.run
IOC compartido
Domain
blog.malwarebytes.com
IOC compartido
Domain
www.bleepingcomputer.com
IOC compartido
IntelTracker / OSINT link
app.any.run
bronze-highland
enlace asociado al actor
IntelTracker / OSINT link
blog.malwarebytes.com
bronze-highland
enlace asociado al actor
IntelTracker / OSINT link
otx.alienvault.com
bronze-highland
enlace asociado al actor
IntelTracker / OSINT link
symantec-enterprise-blogs.security.com
bronze-highland
enlace asociado al actor
IntelTracker / OSINT link
twitter.com
bronze-highland
enlace asociado al actor
IntelTracker / OSINT link
www.bleepingcomputer.com
bronze-highland
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
bronze-highland
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
bronze-highland
enlace asociado al actor
Nodo actual
APTTrail: Bronze Highland indicators and references
bronze-highland · India
Victima
APTTrail: FlowCloud indicators and references
otx.alienvault.com symantec-enterprise-blogs.security.com
IOC compartido
Victima
APTTrail: apt-c-12 indicators and references
otx.alienvault.com twitter.com
IOC compartido
Victima
APTTrail: APT DOCLESS indicators and references
app.any.run twitter.com
IOC compartido
Victima
APTTrail: APT FINFISHER indicators and references
app.any.run otx.alienvault.com
IOC compartido
Victima
APTTrail: backconfig indicators and references
otx.alienvault.com twitter.com
IOC compartido
Victima
APTTrail: APT HIGAISA indicators and references
blog.malwarebytes.com otx.alienvault.com
IOC compartido
Victima
APTTrail: Karakurt Lair indicators and references
otx.alienvault.com twitter.com
IOC compartido
Victima
APTTrail: APT LAZYSCRIPTER indicators and references
otx.alienvault.com twitter.com
IOC compartido

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain flash.governmentmm.com APTTrail VT OffSec SOCRadar
Domain governmentmm.com APTTrail VT OffSec SOCRadar
Domain update.devicebug.com APTTrail VT OffSec SOCRadar
IP 103.96.128.44:10001 APTTrail VT OffSec SOCRadar
IP 103.96.128.44:16564 APTTrail VT OffSec SOCRadar
IP 103.96.131.150:19876 APTTrail VT OffSec SOCRadar
IP 103.96.131.150:40020 APTTrail VT OffSec SOCRadar
IP 122.10.89.170:9552 APTTrail VT OffSec SOCRadar
IP 122.10.89.172:10560 APTTrail VT OffSec SOCRadar
IP 223.165.4.175:81 APTTrail VT OffSec SOCRadar
IP 45.125.64.200:33200 APTTrail VT OffSec SOCRadar
IP 45.125.64.200:33220 APTTrail VT OffSec SOCRadar
IP 45.125.64.200:33223 APTTrail VT OffSec SOCRadar
IP 45.77.140.81:81 APTTrail VT OffSec SOCRadar
Domain app.any.run Extraido del contenido VT OffSec SOCRadar
Domain blog.malwarebytes.com Extraido del contenido VT OffSec SOCRadar
Domain otx.alienvault.com Extraido del contenido VT OffSec SOCRadar
Domain symantec-enterprise-blogs.security.com Extraido del contenido VT OffSec SOCRadar
Domain twitter.com Extraido del contenido VT OffSec SOCRadar
Domain www.bleepingcomputer.com Extraido del contenido VT OffSec SOCRadar
Domain www.virustotal.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor bronze-highland en el blog → Ver bronze-highland en IntelTracker → URL IntelTracker: app.any.run→ URL IntelTracker: blog.malwarebytes.com→ URL IntelTracker: otx.alienvault.com→ URL IntelTracker: symantec-enterprise-blogs.security.com→ URL IntelTracker: twitter.com→ URL IntelTracker: www.bleepingcomputer.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: app.any.run→ Fuente OSINT: blog.malwarebytes.com→ Fuente OSINT: otx.alienvault.com→ Fuente OSINT: symantec-enterprise-blogs.security.com → Buscar bronze-highland en APTTrail → Repositorio APTTrail → Mas incidentes en India → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

Suǭrez&Clavera18 Jun 2026 · gunra MHE9 Logstica Ltda18 Jun 2026 · gunra Misericrdia de Santo Tirso18 Jun 2026 · qilin Direǜo Estacionamentos S.A.18 Jun 2026 · deadlock Br Cargolift Polska Sp. z o.o.18 Jun 2026 · deadlock www.someco.com18 Jun 2026 · lynx www.eastersealsia.org18 Jun 2026 · lynx Vera Chimie Management18 Jun 2026 · the-gentlemen