APTTrail: APT GREF indicators and references

Date: 18 Jun 2026
Actor: apt-gref
Type: Ioc
Country: Unknown
Sector: Software
Confidence: high (100)
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak, and context quality.

30 IOCs
0 TTPs
Actor: apt-gref
Country: Unknown
Executive Summary
APTTrail maintains public indicators associated with APT GREF. Observed aliases: APT GREF. Count by type: domain: 113, ipv4: 32.

Key Points

  • https://blog.lookout.com/multiyear-surveillance-campaigns-discovered-targeting-uyghurs
  • https://citizenlab.ca/2025/04/uyghur-language-software-hijacked-to-deliver-malware/
  • https://github.com/volexity/threat-intel/blob/main/2023/2023-09-22%20EvilBamboo/indicators/iocs.csv
  • https://otx.alienvault.com/pulse/5efca5ec3da9c1ceace695fc
  • https://threatfox.abuse.ch/browse/tag/BadBazaar/


Indicators of Compromise (IOCs)


References

Diamond Model

Adversary
apt-gref
Victim
APTTrail: APT GREF indicators and references
Capability
Ioc
Infrastructure
6006.secpert.com
6006.upupdate.cn
789aa654.top
adoptewer.com

