APTTrail: APT-C-55 indicators and references

Date: 18 Jun 2026
Actor: apt-c-55
Type: IoC
Country: Unknown
Sector: -
Confidence: high (100)
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak, and context quality.

IOCs: 30
TTPs: 0
Executive Summary
APTTrail maintains public indicators associated with APT-C-55. Observed aliases: APT-C-55, Black Banshee, HancomAgent, HttpTroy, Larva-25004, RftRAT, UAT-5394, Velvet Chollima, archipelago, blindingcan, comebacker, emerald sleet. Count by type: domain: 23699, file_path: 295, ipv4: 87, url: 71.

Key Points

  • https://app.any.run/tasks/166bb71d-0998-46cf-844b-3cd263bef4bd
  • https://app.any.run/tasks/74d55d02-7bbd-444c-a01b-30ac52a7e576/
  • https://app.any.run/tasks/f4172853-90e6-49ad-be7b-bf6efa771448/
  • https://app.validin.com/axon?find=141.164.50.204&type=ip
  • https://app.validin.com/axon?find=141.164.52.102&type=ip

Indicators of Compromise (IOCs)

Diamond Model

Adversary: apt-c-55
Victim: APTTrail: APT-C-55 indicators and references
Capability: IoC
Infrastructure:
  • 00701111.000webhostapp.com
  • 00a7c185.duckdns.org
  • 00pr43.picid1fdl6.dynv6.net
  • 01nservercc.cfd
