APTTrail: apt-31 indicators and references

Date: 18 Jun 2026
Actor: apt-31
Type: Ioc
Country: Unknown
Sector: Government
Confidence: high (100)
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak, and context quality.

IOCs: 30
TTPs: 0
Executive Summary
APTTrail maintains public indicators associated with apt-31. Observed aliases: apt-31, bronze vinewood, zirconium. Count by type: domain: 24, ipv4: 1.

Key Points

  • https://otx.alienvault.com/pulse/610a40dee36aae4fcd35e9cf
  • https://twitter.com/h2jazi/status/1519769353297747970
  • https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-013.pdf
  • https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/apt31-cloud-attacks/
  • https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/apt31-new-attacks/

Indicators of Compromise (IOCs)

Diamond Model

Adversary: apt-31
Victim: APTTrail: apt-31 indicators and references
Capability: Ioc
Infrastructure:
api.flushcdn.com
api.hostupoeui.com
api.last-key.com
be-government.com
