jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: APT POLONIUM indicators and references

APTTrail: APT POLONIUM indicators and references

Ioc 1 min lectura apt-polonium
Fecha
18 Jun 2026
Actor
apt-polonium
Tipo
Ioc
Pais
Israel
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

25IOCs
0TTPs
apt-poloniumActor
IsraelPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a APT POLONIUM. Aliases observados: APT POLONIUM. Conteo por tipo: ipv4: 16, url: 5.

Key Points

  • https://github.com/eset/malware-ioc/tree/master/polonium
  • https://twitter.com/k3yp0d/status/1658089065885884420
  • https://www.virustotal.com/gui/file/70e4b5d32abfa9134122ae36ba64d060bc6c1d33fbabcf7869d3df5e337698a4/detection
  • https://www.virustotal.com/gui/file/a81247a8a16bc1c0077346dacfa005d49f26386381819f3ed8e047b4382668fe/detection
  • https://www.welivesecurity.com/2022/10/11/polonium-targets-israel-creepy-malware/

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a APT POLONIUM. Aliases observados: APT POLONIUM. Conteo por tipo: ipv4: 16, url: 5.

Indicadores de Compromiso (IOCs)

TipoValorContexto
IP146.70.86.6:1433APTTrail
IP185.203.119.99:8080APTTrail
IP185.244.129.216:5055APTTrail
IP185.244.129.216:8080APTTrail
IP185.244.129.79:63047APTTrail
IP195.166.100.23:5055APTTrail
IP45.137.148.7:2121APTTrail
IP45.80.148.119:8080APTTrail
IP45.80.148.167:21APTTrail
IP45.80.148.167:5055APTTrail
IP45.80.148.186:8080APTTrail
IP45.80.149.108:8080APTTrail
IP45.80.149.154:1302APTTrail
IP45.80.149.154:21APTTrail
IP45.80.149.22:8080APTTrail
IP45.80.149.68:63047APTTrail
URLhttp://212.73.150.174APTTrail
URLhttp://37.120.233.89APTTrail
URLhttp://45.80.149.71APTTrail
URLhttp://51.83.246.73APTTrail
URLhttp://94.156.189.103APTTrail

Referencias

Diamond Model

Adversary
apt-polonium
Ver perfil →
Victim
APTTrail: APT POLONIUM indicators and references
Israel
Capability
Ioc
Infrastructure
146.70.86.6:1433
185.203.119.99:8080
185.244.129.216:5055
185.244.129.216:8080

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

15 enlaces
Domain
github.com
IOC compartido
Domain
twitter.com
IOC compartido
Domain
www.virustotal.com
IOC compartido
Domain
www.welivesecurity.com
IOC compartido
IntelTracker / OSINT link
github.com
apt-polonium
enlace asociado al actor
IntelTracker / OSINT link
twitter.com
apt-polonium
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
apt-polonium
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
apt-polonium
enlace asociado al actor
IntelTracker / OSINT link
www.welivesecurity.com
apt-polonium
enlace asociado al actor
IntelTracker / OSINT link
github.com
apt-polonium
enlace asociado al actor
IntelTracker / OSINT link
raw.githubusercontent.com
apt-polonium
enlace asociado al actor
Nodo actual
APTTrail: APT POLONIUM indicators and references
apt-polonium · Israel
Victima
APTTrail: apt-c-12 indicators and references
github.com twitter.com
IOC compartido
Victima
APTTrail: eraleig ransomware indicators and references
github.com twitter.com
IOC compartido
Victima
APTTrail: APT REAPER indicators and references
github.com twitter.com
IOC compartido
Victima
APTTrail: FlowCloud indicators and references
github.com twitter.com
IOC compartido
Victima
APTTrail: APT 18 indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT 30 indicators and references
twitter.com www.virustotal.com
IOC compartido
Victima
APTTrail: apt-c-60 indicators and references
www.virustotal.com www.welivesecurity.com
IOC compartido
Victima
APTTrail: vampirebot indicators and references
github.com www.virustotal.com
IOC compartido

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
IP 146.70.86.6:1433 APTTrail VT OffSec SOCRadar
IP 185.203.119.99:8080 APTTrail VT OffSec SOCRadar
IP 185.244.129.216:5055 APTTrail VT OffSec SOCRadar
IP 185.244.129.216:8080 APTTrail VT OffSec SOCRadar
IP 185.244.129.79:63047 APTTrail VT OffSec SOCRadar
IP 195.166.100.23:5055 APTTrail VT OffSec SOCRadar
IP 45.137.148.7:2121 APTTrail VT OffSec SOCRadar
IP 45.80.148.119:8080 APTTrail VT OffSec SOCRadar
IP 45.80.148.167:21 APTTrail VT OffSec SOCRadar
IP 45.80.148.167:5055 APTTrail VT OffSec SOCRadar
IP 45.80.148.186:8080 APTTrail VT OffSec SOCRadar
IP 45.80.149.108:8080 APTTrail VT OffSec SOCRadar
IP 45.80.149.154:1302 APTTrail VT OffSec SOCRadar
IP 45.80.149.154:21 APTTrail VT OffSec SOCRadar
IP 45.80.149.22:8080 APTTrail VT OffSec SOCRadar
IP 45.80.149.68:63047 APTTrail VT OffSec SOCRadar
URL http://212.73.150.174 APTTrail VT OffSec SOCRadar
URL http://37.120.233.89 APTTrail VT OffSec SOCRadar
URL http://45.80.149.71 APTTrail VT OffSec SOCRadar
URL http://51.83.246.73 APTTrail VT OffSec SOCRadar
URL http://94.156.189.103 APTTrail VT OffSec SOCRadar
Domain github.com Extraido del contenido VT OffSec SOCRadar
Domain twitter.com Extraido del contenido VT OffSec SOCRadar
Domain www.virustotal.com Extraido del contenido VT OffSec SOCRadar
Domain www.welivesecurity.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor apt-polonium en el blog → Ver apt-polonium en IntelTracker → URL IntelTracker: github.com→ URL IntelTracker: twitter.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.welivesecurity.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: github.com→ Fuente OSINT: twitter.com→ Fuente OSINT: www.virustotal.com→ Fuente OSINT: www.virustotal.com → Buscar apt-polonium en APTTrail → Repositorio APTTrail → Mas incidentes en Israel → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

Suǭrez&Clavera18 Jun 2026 · gunra MHE9 Logstica Ltda18 Jun 2026 · gunra Misericrdia de Santo Tirso18 Jun 2026 · qilin Direǜo Estacionamentos S.A.18 Jun 2026 · deadlock Br Cargolift Polska Sp. z o.o.18 Jun 2026 · deadlock www.someco.com18 Jun 2026 · lynx www.eastersealsia.org18 Jun 2026 · lynx Vera Chimie Management18 Jun 2026 · the-gentlemen