APTTrail Summary
APTTrail maintains public indicators associated with KnuckleTouch. Observed aliases: KnuckleTouch, WrongSens. Count by type: ipv4: 5, url: 2.
Indicators of Compromise (IOCs)