Resumen APTTrail
APTTrail mantiene indicadores publicos asociados a APT DNSPIONAGE. Aliases observados: APT DNSPIONAGE. Conteo por tipo: domain: 519.
Indicadores de Compromiso (IOCs)
| Tipo | Valor | Contexto |
|---|---|---|
| Domain | 0ffice36o.com | APTTrail |
| Domain | 18-79-t.net | APTTrail |
| Domain | 1qhd6v.xyz | APTTrail |
| Domain | 4f-okdsvv.com | APTTrail |
| Domain | 5-9idk-gug7-k7.com | APTTrail |
| Domain | 52-ck29jr.com | APTTrail |
| Domain | 5z-hyq-g.net | APTTrail |
| Domain | 78p3-zgs-g-mc-u.com | APTTrail |
| Domain | 8f-mxh6-hupgd-dy.com | APTTrail |
| Domain | 8faf-rngtax.com | APTTrail |
| Domain | a87-sun0r1w.com | APTTrail |
| Domain | ac5e1f-fd2ph.com | APTTrail |
| Domain | acyjob.tokyo | APTTrail |
| Domain | adchum.tokyo | APTTrail |
| Domain | adzwrq.tokyo | APTTrail |
| Domain | akgxtu.tokyo | APTTrail |
| Domain | aletko.tokyo | APTTrail |
| Domain | am41-pm24ea.com | APTTrail |
| Domain | amb29l1v3re.com | APTTrail |
| Domain | ami10t-e37n.com | APTTrail |
| Domain | an87-24pen1d.com | APTTrail |
| Domain | and58-65kio.com | APTTrail |
| Domain | apply33547.com | APTTrail |
| Domain | ar5-chj-n-22d.com | APTTrail |
| Domain | as93-attack1.com | APTTrail |
| Domain | aso5fr-gre4.com | APTTrail |
| Domain | au.imonju.net | APTTrail |
| Domain | b5mjjc8s.com | APTTrail |
| Domain | baebod.tokyo | APTTrail |
| Domain | ban09-4w1as.com | APTTrail |
Referencias
- https://blog.talosintelligence.com/2018/11/dnspionage-campaign-targets-middle-east.html
- https://github.com/ti-research-io/ti/blob/main/ioc_extender/ET_DNS_Query_for_DNSpionage.json
- https://www.virustotal.com/gui/ip-address/74.63.204.32/relations
- https://www.virustotal.com/gui/ip-address/74.63.204.99/relations