jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: vampirebot indicators and references

APTTrail: vampirebot indicators and references

Ioc 1 min lectura vampirebot
Fecha
18 Jun 2026
Actor
vampirebot
Tipo
Ioc
Pais
Vietnam
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

26IOCs
0TTPs
vampirebotActor
VietnamPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a vampirebot. Aliases observados: vampirebot. Conteo por tipo: domain: 21, ipv4: 1.

Key Points

  • https://github.com/blackorbird/APT_REPORT/blob/master/cybercrime/BatShadow/batshadow-vietnamese-threat-group-vampire-bot-report.pdf
  • https://www.virustotal.com/gui/file/14aa9c1113184d439d6f65c6c55c1bfa3654c113f7ed164d92f0b439e2134342/detection
  • https://www.virustotal.com/gui/file/afed785aef35e7997e2208e45b2f91a5110d246bc282e0d9a3f6b0698cb871d6/detection
  • https://www.virustotal.com/gui/ip-address/103.124.95.115/relations
  • https://www.virustotal.com/gui/ip-address/103.124.95.161/relations

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a vampirebot. Aliases observados: vampirebot. Conteo por tipo: domain: 21, ipv4: 1.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domainapi.samsungcareers.workAPTTrail
Domainapi3.samsungcareers.workAPTTrail
Domaindjactuallsbuilds.comAPTTrail
Domainftp.spaceq.ovhAPTTrail
Domainget-reponse-subt1.duckdns.orgAPTTrail
Domainget-reponse-subt2.duckdns.orgAPTTrail
Domainget-reponse-subt3.duckdns.orgAPTTrail
Domainget-reponse-subt4.duckdns.orgAPTTrail
Domainimg.samsungcareers.workAPTTrail
Domainjobs-infomarriott.comAPTTrail
Domainjobs-marriott.comAPTTrail
Domainjobswork.vnAPTTrail
Domainmail.jobs-infomarriott.comAPTTrail
Domainmail.jobs-marriott.comAPTTrail
Domainmail.jobswork.vnAPTTrail
Domainmysupportnetflix.comAPTTrail
Domainpanel2.samsungcareers.workAPTTrail
Domainsamsung-work.comAPTTrail
Domainsamsungcareers.workAPTTrail
Domainspaceq.ovhAPTTrail
Domainworkjobs.netAPTTrail
IP5.252.235.172:4449APTTrail

Referencias

Diamond Model

Adversary
vampirebot
Ver perfil →
Victim
APTTrail: vampirebot indicators and references
Vietnam
Capability
Ioc
Infrastructure
api.samsungcareers.work
api3.samsungcareers.work
djactuallsbuilds.com
ftp.spaceq.ovh

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

16 enlaces
Domain
github.com
IOC compartido
Domain
www.virustotal.com
IOC compartido
IntelTracker / OSINT link
github.com
vampirebot
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
vampirebot
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
vampirebot
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
vampirebot
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
vampirebot
enlace asociado al actor
IntelTracker / OSINT link
x.com
vampirebot
enlace asociado al actor
IntelTracker / OSINT link
x.com
vampirebot
enlace asociado al actor
IntelTracker / OSINT link
x.com
vampirebot
enlace asociado al actor
Nodo actual
APTTrail: vampirebot indicators and references
vampirebot · Vietnam
Victima
APTTrail: apt-c-12 indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT 18 indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: eraleig ransomware indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: dinodas indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT GROUNDBAIT indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT HIGAISA indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: apt-5 indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT POLONIUM indicators and references
github.com www.virustotal.com
IOC compartido

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain api.samsungcareers.work APTTrail VT OffSec SOCRadar
Domain api3.samsungcareers.work APTTrail VT OffSec SOCRadar
Domain djactuallsbuilds.com APTTrail VT OffSec SOCRadar
Domain ftp.spaceq.ovh APTTrail VT OffSec SOCRadar
Domain get-reponse-subt1.duckdns.org APTTrail VT OffSec SOCRadar
Domain get-reponse-subt2.duckdns.org APTTrail VT OffSec SOCRadar
Domain get-reponse-subt3.duckdns.org APTTrail VT OffSec SOCRadar
Domain get-reponse-subt4.duckdns.org APTTrail VT OffSec SOCRadar
Domain img.samsungcareers.work APTTrail VT OffSec SOCRadar
Domain jobs-infomarriott.com APTTrail VT OffSec SOCRadar
Domain jobs-marriott.com APTTrail VT OffSec SOCRadar
Domain jobswork.vn APTTrail VT OffSec SOCRadar
Domain mail.jobs-infomarriott.com APTTrail VT OffSec SOCRadar
Domain mail.jobs-marriott.com APTTrail VT OffSec SOCRadar
Domain mail.jobswork.vn APTTrail VT OffSec SOCRadar
Domain mysupportnetflix.com APTTrail VT OffSec SOCRadar
Domain panel2.samsungcareers.work APTTrail VT OffSec SOCRadar
Domain samsung-work.com APTTrail VT OffSec SOCRadar
Domain samsungcareers.work APTTrail VT OffSec SOCRadar
Domain spaceq.ovh APTTrail VT OffSec SOCRadar
Domain workjobs.net APTTrail VT OffSec SOCRadar
IP 5.252.235.172:4449 APTTrail VT OffSec SOCRadar
IP 103.124.95.115 Extraido del contenido VT OffSec SOCRadar
IP 103.124.95.161 Extraido del contenido VT OffSec SOCRadar
Domain github.com Extraido del contenido VT OffSec SOCRadar
Domain www.virustotal.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor vampirebot en el blog → Ver vampirebot en IntelTracker → URL IntelTracker: github.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: x.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: github.com→ Fuente OSINT: www.virustotal.com→ Fuente OSINT: www.virustotal.com→ Fuente OSINT: www.virustotal.com → Buscar vampirebot en APTTrail → Repositorio APTTrail → Mas incidentes en Vietnam → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

Suǭrez&Clavera18 Jun 2026 · gunra MHE9 Logstica Ltda18 Jun 2026 · gunra Misericrdia de Santo Tirso18 Jun 2026 · qilin Direǜo Estacionamentos S.A.18 Jun 2026 · deadlock Br Cargolift Polska Sp. z o.o.18 Jun 2026 · deadlock www.someco.com18 Jun 2026 · lynx www.eastersealsia.org18 Jun 2026 · lynx Vera Chimie Management18 Jun 2026 · the-gentlemen