APTTrail: APT HIGAISA indicators and references

Date: 18 Jun 2026
Actor: apt-higaisa
Type: IoC
Country: Unknown
Sector: -
Confidence: high, 100
Analytical priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

20 IOCs, 0 TTPs

Executive Summary
APTTrail maintains public indicators associated with APT HIGAISA. Observed aliases: APT HIGAISA. Count by type: domain: 13, ipv4: 1, url: 1.

Key Points

  • https://blog.malwarebytes.com/threat-analysis/2020/06/higaisa/
  • https://github.com/StrikeReady-Inc/samples/blob/main/2024-08-20%20VN%20Oil%26Gas%20MSC/urls.txt
  • https://otx.alienvault.com/pulse/5eda8caf8ef3aa0d8d0b8030
  • https://www.tgsoft.it/news/news_archivio.asp?id=1568&lang=eng
  • https://www.virustotal.com/gui/file/1e6c661d6981c0fa56c011c29536e57d21545fd11205eddf9218269ddf53d448/detection


Indicators of Compromise (IOCs)


References

Diamond Model

Adversary
apt-higaisa
Victim
APTTrail: APT HIGAISA indicators and references
Capability
Ioc
Infrastructure
api.s2cloud-amazon.com
app-dimensiona.s3.sa-east-1.amazonaws.com
bjj-files-production.s3.sa-east-1.amazonaws.com
comcleanner.info


