APTTrail Summary
APTTrail maintains public indicators associated with apt-45. Observed aliases: apt-45, apt45, onyx sleet, silent chollima. Count by type: domain: 6, ipv4: 2.
Indicators of Compromise (IOCs)
References
- https://otx.alienvault.com/pulse/626bba5ec3f783b80d69a882
- https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/stonefly-north-korea-espionage
- https://symantec-enterprise-blogs.security.com/threat-intelligence/stonefly-north-korea-extortion
- https://www.virustotal.com/gui/ip-address/216.120.201.112/relations
- https://x.com/threatintel/status/1841507279150940288