APTTrail: APT ICEFOG indicators and references

Date: 18 Jun 2026
Actor: apt-icefog
Type: Ioc
Country: Unknown
Sector: -
Confidence: high (100)
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

IOCs: 30
TTPs: 0
Executive Summary
APTTrail maintains public indicators associated with APT ICEFOG. Observed aliases: APT ICEFOG. Count by type: domain: 49, ipv4: 1.

Key Points

  • https://app.any.run/tasks/3a08945b-62c3-4a0e-893b-bcdbdc920650/
  • https://otx.alienvault.com/pulse/5cf67ff667d9acf61c422cd2
  • https://speakerdeck.com/ashley920/into-the-fog-the-return-of-icefog-apt?slide=21
  • https://speakerdeck.com/ashley920/into-the-fog-the-return-of-icefog-apt?slide=35
  • https://speakerdeck.com/ashley920/into-the-fog-the-return-of-icefog-apt?slide=38

Indicators of Compromise (IOCs)


Diamond Model

Adversary: apt-icefog
Victim: APTTrail: APT ICEFOG indicators and references
Capability: Ioc
Infrastructure: 01transport.com, applelenovo.com, appst0re.net, aries.epac.to
