APTTrail: apt-c-50 indicators and references

Date: 18 Jun 2026
Actor: apt-c-50
Type: Ioc
Country: United States
Sector: -
Confidence: high, 100
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

IOCs: 30
TTPs: 0
Executive Summary
APTTrail maintains public indicators associated with apt-c-50. Observed aliases: apt-c-50. Count by type: domain: 23, file_path: 13, ipv4: 1, url: 5.

Key Points

  • https://github.com/ti-research-io/ti/blob/main/ioc_extender/ET_Lazarus.json
  • https://mp.weixin.qq.com/s/yaLC8gs-U92X6WnYzuuQ7w
  • https://otx.alienvault.com/pulse/5d9db01cc5328d4649e0594c
  • https://research.checkpoint.com/domestic-kitten-an-iranian-surveillance-operation/
  • https://twitter.com/blackorbird/status/1181868468620017665 (# Cyrus Attack)

Indicators of Compromise (IOCs)

Diamond Model

Adversary: apt-c-50
Victim: APTTrail: apt-c-50 indicators and references; United States
Capability: Ioc
Infrastructure:

  • androidsecurityupdate.com
  • androidsystemsupdate.com
  • androidsystemswebview.com
  • appsoftupdate.com
