jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: Hade ransomware indicators and references

APTTrail: Hade ransomware indicators and references

Ioc 1 min lectura hade-ransomware
Fecha
18 Jun 2026
Actor
hade-ransomware
Tipo
Ioc
Pais
Unknown
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

21IOCs
0TTPs
hade-ransomwareActor
UnknownPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a Hade ransomware. Aliases observados: Hade ransomware, TimosaraHackerTerm. Conteo por tipo: domain: 16, ipv4: 1.

Key Points

  • https://twitter.com/BushidoToken/status/1369273531867992064
  • https://twitter.com/Max_Mal_/status/1480284003617882121
  • https://twitter.com/resecurity_com/status/1377137102094098439
  • https://www.infosecurity-magazine.com/news/hades-ransomware-linked-hafnium/
  • https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a Hade ransomware. Aliases observados: Hade ransomware, TimosaraHackerTerm. Conteo por tipo: domain: 16, ipv4: 1.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domainback.estonine.comAPTTrail
Domainbingoshow.xyzAPTTrail
Domainbk.estonine.comAPTTrail
Domaindoes-no-exist33.estonine.comAPTTrail
Domaine.estonine.comAPTTrail
Domainindicate.estonine.comAPTTrail
Domaininducate.estonine.comAPTTrail
Domainload.estonine.comAPTTrail
Domainlog.estonine.comAPTTrail
Domainmoon.estonine.comAPTTrail
Domainp.estonine.comAPTTrail
Domainpslog.estonine.comAPTTrail
Domainshelltools-1254394685.cos.ap-shanghai.myqcloud.comAPTTrail
Domainsk.estonine.comAPTTrail
Domainsploit.estonine.comAPTTrail
Domaintask.estonine.comAPTTrail
IP101.37.76.66:5000APTTrail

Referencias

Diamond Model

Adversary
hade-ransomware
Ver perfil →
Victim
APTTrail: Hade ransomware indicators and references
Capability
Ioc
Infrastructure
back.estonine.com
bingoshow.xyz
bk.estonine.com
does-no-exist33.estonine.com

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

16 enlaces
Domain
twitter.com
IOC compartido
Domain
www.virustotal.com
IOC compartido
Domain
www.microsoft.com
IOC compartido
IntelTracker / OSINT link
twitter.com
hade-ransomware
enlace asociado al actor
IntelTracker / OSINT link
twitter.com
hade-ransomware
enlace asociado al actor
IntelTracker / OSINT link
twitter.com
hade-ransomware
enlace asociado al actor
IntelTracker / OSINT link
www.infosecurity-magazine.com
hade-ransomware
enlace asociado al actor
IntelTracker / OSINT link
www.microsoft.com
hade-ransomware
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
hade-ransomware
enlace asociado al actor
IntelTracker / OSINT link
github.com
hade-ransomware
enlace asociado al actor
IntelTracker / OSINT link
raw.githubusercontent.com
hade-ransomware
enlace asociado al actor
Nodo actual
APTTrail: Hade ransomware indicators and references
hade-ransomware
Victima
APTTrail: apt-c-12 indicators and references
twitter.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT 30 indicators and references
twitter.com www.virustotal.com
IOC compartido
Victima
APTTrail: eraleig ransomware indicators and references
twitter.com www.virustotal.com
IOC compartido
Victima
APTTrail: apt-q-58 indicators and references
twitter.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT DOCLESS indicators and references
twitter.com www.virustotal.com
IOC compartido
Victima
APTTrail: Bronze Highland indicators and references
twitter.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT FAMILIARFEELING indicators and references
twitter.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT FLAXTYPHOON indicators and references
www.microsoft.com www.virustotal.com
IOC compartido

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain back.estonine.com APTTrail VT OffSec SOCRadar
Domain bingoshow.xyz APTTrail VT OffSec SOCRadar
Domain bk.estonine.com APTTrail VT OffSec SOCRadar
Domain does-no-exist33.estonine.com APTTrail VT OffSec SOCRadar
Domain e.estonine.com APTTrail VT OffSec SOCRadar
Domain indicate.estonine.com APTTrail VT OffSec SOCRadar
Domain inducate.estonine.com APTTrail VT OffSec SOCRadar
Domain load.estonine.com APTTrail VT OffSec SOCRadar
Domain log.estonine.com APTTrail VT OffSec SOCRadar
Domain moon.estonine.com APTTrail VT OffSec SOCRadar
Domain p.estonine.com APTTrail VT OffSec SOCRadar
Domain pslog.estonine.com APTTrail VT OffSec SOCRadar
Domain shelltools-1254394685.cos.ap-shanghai.myqcloud.com APTTrail VT OffSec SOCRadar
Domain sk.estonine.com APTTrail VT OffSec SOCRadar
Domain sploit.estonine.com APTTrail VT OffSec SOCRadar
Domain task.estonine.com APTTrail VT OffSec SOCRadar
IP 101.37.76.66:5000 APTTrail VT OffSec SOCRadar
Domain twitter.com Extraido del contenido VT OffSec SOCRadar
Domain www.infosecurity-magazine.com Extraido del contenido VT OffSec SOCRadar
Domain www.microsoft.com Extraido del contenido VT OffSec SOCRadar
Domain www.virustotal.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor hade-ransomware en el blog → Ver hade-ransomware en IntelTracker → URL IntelTracker: twitter.com→ URL IntelTracker: twitter.com→ URL IntelTracker: twitter.com→ URL IntelTracker: www.infosecurity-magazine.com→ URL IntelTracker: www.microsoft.com→ URL IntelTracker: www.virustotal.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: twitter.com→ Fuente OSINT: twitter.com→ Fuente OSINT: twitter.com→ Fuente OSINT: www.infosecurity-magazine.com → Buscar hade-ransomware en APTTrail → Repositorio APTTrail → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

Suǭrez&Clavera18 Jun 2026 · gunra MHE9 Logstica Ltda18 Jun 2026 · gunra Misericrdia de Santo Tirso18 Jun 2026 · qilin Direǜo Estacionamentos S.A.18 Jun 2026 · deadlock Br Cargolift Polska Sp. z o.o.18 Jun 2026 · deadlock www.someco.com18 Jun 2026 · lynx www.eastersealsia.org18 Jun 2026 · lynx Vera Chimie Management18 Jun 2026 · the-gentlemen