jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: dmloader indicators and references

APTTrail: dmloader indicators and references

Ioc 1 min lectura dmloader
Fecha
18 Jun 2026
Actor
dmloader
Tipo
Ioc
Pais
Unknown
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

20IOCs
0TTPs
dmloaderActor
UnknownPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a dmloader. Aliases observados: dmloader, dunloader, frpc, icmpinger, kmlog, krnrat, ladon, moriya, nbtscan, odriz, simpoboxspy, tesdat. Conteo por tipo: domain: 4, ipv4: 7, url: 7.

Key Points

  • https://documents.trendmicro.com/assets/txt/EarthKurma-IOCssVJ3RcK.txt
  • https://www.trendmicro.com/en_us/research/25/d/earth-kurma-apt-campaign.html

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a dmloader. Aliases observados: dmloader, dunloader, frpc, icmpinger, kmlog, krnrat, ladon, moriya, nbtscan, odriz, simpoboxspy, tesdat. Conteo por tipo: domain: 4, ipv4: 7, url: 7.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domaindfsg3gfsga.spaceAPTTrail
Domainigtsadlb2ra.pwAPTTrail
Domainihyvcs5t.pwAPTTrail
Domainvidsec.ccAPTTrail
IP103.238.214.88:443APTTrail
IP149.28.147.63:443APTTrail
IP166.88.194.53:443APTTrail
IP185.239.225.106:443APTTrail
IP38.147.191.103:443APTTrail
IP38.60.199.225:443APTTrail
IP45.77.250.21:443APTTrail
URLhttp://103.238.214.88APTTrail
URLhttp://149.28.147.63APTTrail
URLhttp://166.88.194.53APTTrail
URLhttp://185.239.225.106APTTrail
URLhttp://38.147.191.103APTTrail
URLhttp://38.60.199.225APTTrail
URLhttp://45.77.250.21APTTrail

Referencias

Diamond Model

Adversary
dmloader
Ver perfil →
Victim
APTTrail: dmloader indicators and references
Capability
Ioc
Infrastructure
dfsg3gfsga.space
igtsadlb2ra.pw
ihyvcs5t.pw
vidsec.cc

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain dfsg3gfsga.space APTTrail VT OffSec SOCRadar
Domain igtsadlb2ra.pw APTTrail VT OffSec SOCRadar
Domain ihyvcs5t.pw APTTrail VT OffSec SOCRadar
Domain vidsec.cc APTTrail VT OffSec SOCRadar
IP 103.238.214.88:443 APTTrail VT OffSec SOCRadar
IP 149.28.147.63:443 APTTrail VT OffSec SOCRadar
IP 166.88.194.53:443 APTTrail VT OffSec SOCRadar
IP 185.239.225.106:443 APTTrail VT OffSec SOCRadar
IP 38.147.191.103:443 APTTrail VT OffSec SOCRadar
IP 38.60.199.225:443 APTTrail VT OffSec SOCRadar
IP 45.77.250.21:443 APTTrail VT OffSec SOCRadar
URL http://103.238.214.88 APTTrail VT OffSec SOCRadar
URL http://149.28.147.63 APTTrail VT OffSec SOCRadar
URL http://166.88.194.53 APTTrail VT OffSec SOCRadar
URL http://185.239.225.106 APTTrail VT OffSec SOCRadar
URL http://38.147.191.103 APTTrail VT OffSec SOCRadar
URL http://38.60.199.225 APTTrail VT OffSec SOCRadar
URL http://45.77.250.21 APTTrail VT OffSec SOCRadar
Domain documents.trendmicro.com Extraido del contenido VT OffSec SOCRadar
Domain www.trendmicro.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor dmloader en el blog → Ver dmloader en IntelTracker → URL IntelTracker: documents.trendmicro.com→ URL IntelTracker: www.trendmicro.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: documents.trendmicro.com→ Fuente OSINT: www.trendmicro.com → Buscar dmloader en APTTrail → Repositorio APTTrail → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

Suǭrez&Clavera18 Jun 2026 · gunra MHE9 Logstica Ltda18 Jun 2026 · gunra Misericrdia de Santo Tirso18 Jun 2026 · qilin Direǜo Estacionamentos S.A.18 Jun 2026 · deadlock Br Cargolift Polska Sp. z o.o.18 Jun 2026 · deadlock www.someco.com18 Jun 2026 · lynx www.eastersealsia.org18 Jun 2026 · lynx Vera Chimie Management18 Jun 2026 · the-gentlemen