jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: APT-Q-95 indicators and references

APTTrail: APT-Q-95 indicators and references

Ioc 1 min lectura apt-q-95
Fecha
18 Jun 2026
Actor
apt-q-95
Tipo
Ioc
Pais
United States
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

30IOCs
0TTPs
apt-q-95Actor
United StatesPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a APT-Q-95. Aliases observados: APT-Q-95. Conteo por tipo: domain: 31.

Key Points

  • https://github.com/RedDrip7/Report/blob/master/APT/Exclusive%20disclosure%20of%20the%20attack%20activities%20of%20the%20USA%20APT%20group%20NightEagle.pdf
  • https://mp.weixin.qq.com/s/I907WsSIPfkTG8kYloj29w
  • https://x.com/RedDrip7/status/1940637150158139764
  • https://x.com/RedDrip7/status/1940780494662390135

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a APT-Q-95. Aliases observados: APT-Q-95. Conteo por tipo: domain: 31.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domainapp.flowgw.comAPTTrail
Domainccproxy.orgAPTTrail
Domaincloud.synologyupdates.comAPTTrail
Domaincomfyupdate.orgAPTTrail
Domaincoremailtech.comAPTTrail
Domaindaihou360.comAPTTrail
Domaindashboard.daihou360.comAPTTrail
Domaindoubleclicked.comAPTTrail
Domaine-mailrelay.comAPTTrail
Domainfastapi-cdn.comAPTTrail
Domainflowgw.comAPTTrail
Domainfortisys.netAPTTrail
Domainhaprxy.orgAPTTrail
Domainliveupdate.wsupdatecloud.netAPTTrail
Domainlvusdupdates.orgAPTTrail
Domainmirror1.mirrors-openjdk.orgAPTTrail
Domainmirrors-openjdk.orgAPTTrail
Domainms-nipre.comAPTTrail
Domainms.wsupdatecloud.netAPTTrail
Domainrhel.lvusdupdates.orgAPTTrail
Domainsangsoft.netAPTTrail
Domainsaperpcloud.comAPTTrail
Domainshangjuyike.comAPTTrail
Domainsynologyupdates.comAPTTrail
Domainthreatbookav.comAPTTrail
Domaintracking.doubleclicked.comAPTTrail
Domainupdate.haprxy.orgAPTTrail
Domainupdate.saperpcloud.comAPTTrail
Domainupdates.ccproxy.orgAPTTrail
Domainwechatutilities.comAPTTrail

Referencias

Diamond Model

Adversary
apt-q-95
Ver perfil →
Victim
APTTrail: APT-Q-95 indicators and references
United States
Capability
Ioc
Infrastructure
app.flowgw.com
ccproxy.org
cloud.synologyupdates.com
comfyupdate.org

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain app.flowgw.com APTTrail VT OffSec SOCRadar
Domain ccproxy.org APTTrail VT OffSec SOCRadar
Domain cloud.synologyupdates.com APTTrail VT OffSec SOCRadar
Domain comfyupdate.org APTTrail VT OffSec SOCRadar
Domain coremailtech.com APTTrail VT OffSec SOCRadar
Domain daihou360.com APTTrail VT OffSec SOCRadar
Domain dashboard.daihou360.com APTTrail VT OffSec SOCRadar
Domain doubleclicked.com APTTrail VT OffSec SOCRadar
Domain e-mailrelay.com APTTrail VT OffSec SOCRadar
Domain fastapi-cdn.com APTTrail VT OffSec SOCRadar
Domain flowgw.com APTTrail VT OffSec SOCRadar
Domain fortisys.net APTTrail VT OffSec SOCRadar
Domain haprxy.org APTTrail VT OffSec SOCRadar
Domain liveupdate.wsupdatecloud.net APTTrail VT OffSec SOCRadar
Domain lvusdupdates.org APTTrail VT OffSec SOCRadar
Domain mirror1.mirrors-openjdk.org APTTrail VT OffSec SOCRadar
Domain mirrors-openjdk.org APTTrail VT OffSec SOCRadar
Domain ms-nipre.com APTTrail VT OffSec SOCRadar
Domain ms.wsupdatecloud.net APTTrail VT OffSec SOCRadar
Domain rhel.lvusdupdates.org APTTrail VT OffSec SOCRadar
Domain sangsoft.net APTTrail VT OffSec SOCRadar
Domain saperpcloud.com APTTrail VT OffSec SOCRadar
Domain shangjuyike.com APTTrail VT OffSec SOCRadar
Domain synologyupdates.com APTTrail VT OffSec SOCRadar
Domain threatbookav.com APTTrail VT OffSec SOCRadar
Domain tracking.doubleclicked.com APTTrail VT OffSec SOCRadar
Domain update.haprxy.org APTTrail VT OffSec SOCRadar
Domain update.saperpcloud.com APTTrail VT OffSec SOCRadar
Domain updates.ccproxy.org APTTrail VT OffSec SOCRadar
Domain wechatutilities.com APTTrail VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor apt-q-95 en el blog → Ver apt-q-95 en IntelTracker → URL IntelTracker: github.com→ URL IntelTracker: mp.weixin.qq.com→ URL IntelTracker: x.com→ URL IntelTracker: x.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: github.com→ Fuente OSINT: mp.weixin.qq.com→ Fuente OSINT: x.com→ Fuente OSINT: x.com → Buscar apt-q-95 en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters