jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: cobalt dickens indicators and references

APTTrail: cobalt dickens indicators and references

Ioc 1 min lectura cobalt-dickens
Fecha
18 Jun 2026
Actor
cobalt-dickens
Tipo
Ioc
Pais
United Kingdom
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

30IOCs
1TTPs
cobalt-dickensActor
United KingdomPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a cobalt dickens. Aliases observados: cobalt dickens, mabna institute, silent librarian, ta407. Conteo por tipo: domain: 836.

Key Points

  • https://blog.malwarebytes.com/malwarebytes-news/2020/10/silent-librarian-apt-phishing-attack/
  • https://otx.alienvault.com/pulse/5d78eaf37b37c503fb07d45a
  • https://otx.alienvault.com/pulse/5da4a7ab756627fcce84efcc
  • https://twitter.com/ShadowChasing1/status/1315855394506330113
  • https://twitter.com/TeamDreier/status/1318072706068320256

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a cobalt dickens. Aliases observados: cobalt dickens, mabna institute, silent librarian, ta407. Conteo por tipo: domain: 836.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domain12st.meAPTTrail
Domain12xb.meAPTTrail
Domain1edu.inAPTTrail
Domain1ezpro.xyzAPTTrail
Domain1r3o.meAPTTrail
Domain28ag.meAPTTrail
Domain32ex.meAPTTrail
Domain33qa.meAPTTrail
Domain67vr.meAPTTrail
Domain67yt.meAPTTrail
Domainac.uk.libte.meAPTTrail
Domainaclib.meAPTTrail
Domainacuk.meAPTTrail
Domainadfs.goucher.adui.meAPTTrail
Domainadfs.goucher.elru.meAPTTrail
Domainadfs.goucher.pdlu.meAPTTrail
Domainadfs.goucher.unde.meAPTTrail
Domainadfs.lincoln.ac.uk.itlib.meAPTTrail
Domainadui.meAPTTrail
Domainaill.cfAPTTrail
Domainaill.nlAPTTrail
Domainallib.meAPTTrail
Domainanvc.meAPTTrail
Domainaroe.meAPTTrail
Domainasoec.meAPTTrail
Domainatll.tkAPTTrail
Domainatna.cfAPTTrail
Domainatti.cfAPTTrail
Domainauth.bath.ac.uk.ctit.cfAPTTrail
Domainauth.bath.ac.uk.ctit.tkAPTTrail

Referencias

Diamond Model

Adversary
cobalt-dickens
Ver perfil →
Victim
APTTrail: cobalt dickens indicators and references
United Kingdom
Capability
Ioc
1 TTPs MITRE
Infrastructure
12st.me
12xb.me
1edu.in
1ezpro.xyz

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain 12st.me APTTrail VT OffSec SOCRadar
Domain 12xb.me APTTrail VT OffSec SOCRadar
Domain 1edu.in APTTrail VT OffSec SOCRadar
Domain 1ezpro.xyz APTTrail VT OffSec SOCRadar
Domain 1r3o.me APTTrail VT OffSec SOCRadar
Domain 28ag.me APTTrail VT OffSec SOCRadar
Domain 32ex.me APTTrail VT OffSec SOCRadar
Domain 33qa.me APTTrail VT OffSec SOCRadar
Domain 67vr.me APTTrail VT OffSec SOCRadar
Domain 67yt.me APTTrail VT OffSec SOCRadar
Domain ac.uk.libte.me APTTrail VT OffSec SOCRadar
Domain aclib.me APTTrail VT OffSec SOCRadar
Domain acuk.me APTTrail VT OffSec SOCRadar
Domain adfs.goucher.adui.me APTTrail VT OffSec SOCRadar
Domain adfs.goucher.elru.me APTTrail VT OffSec SOCRadar
Domain adfs.goucher.pdlu.me APTTrail VT OffSec SOCRadar
Domain adfs.goucher.unde.me APTTrail VT OffSec SOCRadar
Domain adfs.lincoln.ac.uk.itlib.me APTTrail VT OffSec SOCRadar
Domain adui.me APTTrail VT OffSec SOCRadar
Domain aill.cf APTTrail VT OffSec SOCRadar
Domain aill.nl APTTrail VT OffSec SOCRadar
Domain allib.me APTTrail VT OffSec SOCRadar
Domain anvc.me APTTrail VT OffSec SOCRadar
Domain aroe.me APTTrail VT OffSec SOCRadar
Domain asoec.me APTTrail VT OffSec SOCRadar
Domain atll.tk APTTrail VT OffSec SOCRadar
Domain atna.cf APTTrail VT OffSec SOCRadar
Domain atti.cf APTTrail VT OffSec SOCRadar
Domain auth.bath.ac.uk.ctit.cf APTTrail VT OffSec SOCRadar
Domain auth.bath.ac.uk.ctit.tk APTTrail VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor cobalt-dickens en el blog → Ver cobalt-dickens en IntelTracker → URL IntelTracker: blog.malwarebytes.com→ URL IntelTracker: otx.alienvault.com→ URL IntelTracker: otx.alienvault.com→ URL IntelTracker: twitter.com→ URL IntelTracker: twitter.com→ URL IntelTracker: twitter.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: blog.malwarebytes.com→ Fuente OSINT: otx.alienvault.com→ Fuente OSINT: otx.alienvault.com→ Fuente OSINT: twitter.com → Buscar cobalt-dickens en APTTrail → Repositorio APTTrail → Mas incidentes en United Kingdom → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

Suǭrez&Clavera18 Jun 2026 · gunra MHE9 Logstica Ltda18 Jun 2026 · gunra Misericrdia de Santo Tirso18 Jun 2026 · qilin Direǜo Estacionamentos S.A.18 Jun 2026 · deadlock Br Cargolift Polska Sp. z o.o.18 Jun 2026 · deadlock www.someco.com18 Jun 2026 · lynx www.eastersealsia.org18 Jun 2026 · lynx Vera Chimie Management18 Jun 2026 · the-gentlemen