jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: APT DARKHYDRUS indicators and references

APTTrail: APT DARKHYDRUS indicators and references

Ioc 1 min lectura apt-darkhydrus
Fecha
18 Jun 2026
Actor
apt-darkhydrus
Tipo
Ioc
Pais
United States
Sector
Government
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

30IOCs
0TTPs
apt-darkhydrusActor
United StatesPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a APT DARKHYDRUS. Aliases observados: APT DARKHYDRUS. Conteo por tipo: domain: 68.

Key Points

  • https://docs.google.com/document/d/1oYX3uN6KxIX_StzTH0s0yFNNoHDnV8VgmVqU5WoeErc (DarkHydrus 2017 activity)
  • https://docs.google.com/document/d/1oYX3uN6KxIX_StzTH0s0yFNNoHDnV8VgmVqU5WoeErc (DarkHydrus 2017 activity)
  • https://researchcenter.paloaltonetworks.com/2018/07/unit42-new-threat-actor-group-darkhydrus-targets-middle-east-government/
  • https://unit42.paloaltonetworks.com/darkhydrus-delivers-new-trojan-that-can-use-google-drive-for-c2-communications/
  • https://www.virustotal.com/gui/file/270ec2945fb976823e46d6fbb346fac46f585145ff05538846ab6cefc17064c8/detection

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a APT DARKHYDRUS. Aliases observados: APT DARKHYDRUS. Conteo por tipo: domain: 68.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domain0ffice.comAPTTrail
Domain0ffice365.agencyAPTTrail
Domain0ffice365.lifeAPTTrail
Domain0ffice365.servicesAPTTrail
Domain0ffiice.comAPTTrail
Domain0nedrive.agencyAPTTrail
Domain0utl00k.netAPTTrail
Domain0utlook.accountantAPTTrail
Domain0utlook.bidAPTTrail
Domainakadns.servicesAPTTrail
Domainakamai.agencyAPTTrail
Domainakamaiedge.liveAPTTrail
Domainakamaiedge.servicesAPTTrail
Domainakamaized.liveAPTTrail
Domainakdns.liveAPTTrail
Domainallexa.netAPTTrail
Domainanyconnect.streamAPTTrail
Domainasimov-win-microsoft.servicesAPTTrail
Domainasisdns.spaceAPTTrail
Domainasismdnu.asisdns.spaceAPTTrail
Domainazureedge.todayAPTTrail
Domainbigip.streamAPTTrail
Domainbrit.ns.cloudfronts.servicesAPTTrail
Domainbritns.akadns.liveAPTTrail
Domainbritns.akadns.servicesAPTTrail
Domaincisc0.netAPTTrail
Domaincitriix.netAPTTrail
Domaincloudfronts.servicesAPTTrail
Domaincorewindows.agencyAPTTrail
Domaindata-microsoft.servicesAPTTrail

Referencias

Diamond Model

Adversary
apt-darkhydrus
Ver perfil →
Victim
APTTrail: APT DARKHYDRUS indicators and references
United States
Capability
Ioc
Infrastructure
0ffice.com
0ffice365.agency
0ffice365.life
0ffice365.services

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain 0ffice.com APTTrail VT OffSec SOCRadar
Domain 0ffice365.agency APTTrail VT OffSec SOCRadar
Domain 0ffice365.life APTTrail VT OffSec SOCRadar
Domain 0ffice365.services APTTrail VT OffSec SOCRadar
Domain 0ffiice.com APTTrail VT OffSec SOCRadar
Domain 0nedrive.agency APTTrail VT OffSec SOCRadar
Domain 0utl00k.net APTTrail VT OffSec SOCRadar
Domain 0utlook.accountant APTTrail VT OffSec SOCRadar
Domain 0utlook.bid APTTrail VT OffSec SOCRadar
Domain akadns.services APTTrail VT OffSec SOCRadar
Domain akamai.agency APTTrail VT OffSec SOCRadar
Domain akamaiedge.live APTTrail VT OffSec SOCRadar
Domain akamaiedge.services APTTrail VT OffSec SOCRadar
Domain akamaized.live APTTrail VT OffSec SOCRadar
Domain akdns.live APTTrail VT OffSec SOCRadar
Domain allexa.net APTTrail VT OffSec SOCRadar
Domain anyconnect.stream APTTrail VT OffSec SOCRadar
Domain asimov-win-microsoft.services APTTrail VT OffSec SOCRadar
Domain asisdns.space APTTrail VT OffSec SOCRadar
Domain asismdnu.asisdns.space APTTrail VT OffSec SOCRadar
Domain azureedge.today APTTrail VT OffSec SOCRadar
Domain bigip.stream APTTrail VT OffSec SOCRadar
Domain brit.ns.cloudfronts.services APTTrail VT OffSec SOCRadar
Domain britns.akadns.live APTTrail VT OffSec SOCRadar
Domain britns.akadns.services APTTrail VT OffSec SOCRadar
Domain cisc0.net APTTrail VT OffSec SOCRadar
Domain citriix.net APTTrail VT OffSec SOCRadar
Domain cloudfronts.services APTTrail VT OffSec SOCRadar
Domain corewindows.agency APTTrail VT OffSec SOCRadar
Domain data-microsoft.services APTTrail VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor apt-darkhydrus en el blog → Ver apt-darkhydrus en IntelTracker → URL IntelTracker: docs.google.com→ URL IntelTracker: docs.google.com→ URL IntelTracker: researchcenter.paloaltonetworks.com→ URL IntelTracker: unit42.paloaltonetworks.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: docs.google.com→ Fuente OSINT: researchcenter.paloaltonetworks.com→ Fuente OSINT: unit42.paloaltonetworks.com→ Fuente OSINT: www.virustotal.com → Buscar apt-darkhydrus en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters