jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: APT PUNISHINGOWL indicators and references

APTTrail: APT PUNISHINGOWL indicators and references

Ioc 1 min lectura apt-punishingowl
Fecha
18 Jun 2026
Actor
apt-punishingowl
Tipo
Ioc
Pais
Unknown
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

13IOCs
0TTPs
apt-punishingowlActor
UnknownPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a APT PUNISHINGOWL. Aliases observados: APT PUNISHINGOWL. Conteo por tipo: domain: 9, ipv4: 2.

Key Points

  • https://habr.com/ru/companies/pt/articles/990374/
  • https://www.virustotal.com/gui/file/09636fbca343f268ee7c0c033e37a9b007fe40ce914c4273ed961d84b52bed17/detection
  • https://www.virustotal.com/gui/file/6aa09062a755775e1b11dfd5fa80981fa50e1ecf4ba3f1ae41b2ed8b671e0f6a/detection
  • https://www.virustotal.com/gui/file/b1782f8f3440ce4b184f27c4047439aa998058ec17319a5b08031eda545d5a50/detection
  • https://www.virustotal.com/gui/file/dfd49ea1911fb7e800440c82b6518828ec7fa7c595d7ea6baabec29e5d9cecec/detection

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a APT PUNISHINGOWL. Aliases observados: APT PUNISHINGOWL. Conteo por tipo: domain: 9, ipv4: 2.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domainacquerifec.comAPTTrail
Domainayobabelan.comAPTTrail
Domainb0aweb0.refec.siteAPTTrail
Domainbloggoversikten.comAPTTrail
Domainoutlook-d12.zyns.comAPTTrail
Domainrefec.siteAPTTrail
Domainrefreb0.comAPTTrail
Domainrefreb1.infoAPTTrail
Domainws.iferc.comAPTTrail
IP82.221.100.40:443APTTrail
IP95.174.65.218:443APTTrail

Referencias

Diamond Model

Adversary
apt-punishingowl
Ver perfil →
Victim
APTTrail: APT PUNISHINGOWL indicators and references
Capability
Ioc
Infrastructure
acquerifec.com
ayobabelan.com
b0aweb0.refec.site
bloggoversikten.com

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

16 enlaces
Domain
www.virustotal.com
IOC compartido
IntelTracker / OSINT link
habr.com
apt-punishingowl
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
apt-punishingowl
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
apt-punishingowl
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
apt-punishingowl
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
apt-punishingowl
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
apt-punishingowl
enlace asociado al actor
IntelTracker / OSINT link
github.com
apt-punishingowl
enlace asociado al actor
IntelTracker / OSINT link
raw.githubusercontent.com
apt-punishingowl
enlace asociado al actor
Nodo actual
APTTrail: APT PUNISHINGOWL indicators and references
apt-punishingowl
Victima
APTTrail: apt-c-12 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: APT 18 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: APT 30 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: APT 45 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: apt-c-60 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: eraleig ransomware indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: APT ATLASCROSS indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: aa22-264a indicators and references
www.virustotal.com
IOC compartido

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain acquerifec.com APTTrail VT OffSec SOCRadar
Domain ayobabelan.com APTTrail VT OffSec SOCRadar
Domain b0aweb0.refec.site APTTrail VT OffSec SOCRadar
Domain bloggoversikten.com APTTrail VT OffSec SOCRadar
Domain outlook-d12.zyns.com APTTrail VT OffSec SOCRadar
Domain refec.site APTTrail VT OffSec SOCRadar
Domain refreb0.com APTTrail VT OffSec SOCRadar
Domain refreb1.info APTTrail VT OffSec SOCRadar
Domain ws.iferc.com APTTrail VT OffSec SOCRadar
IP 82.221.100.40:443 APTTrail VT OffSec SOCRadar
IP 95.174.65.218:443 APTTrail VT OffSec SOCRadar
Domain habr.com Extraido del contenido VT OffSec SOCRadar
Domain www.virustotal.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor apt-punishingowl en el blog → Ver apt-punishingowl en IntelTracker → URL IntelTracker: habr.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: habr.com→ Fuente OSINT: www.virustotal.com→ Fuente OSINT: www.virustotal.com→ Fuente OSINT: www.virustotal.com → Buscar apt-punishingowl en APTTrail → Repositorio APTTrail → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters