jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: APT29 indicators and references

APTTrail: APT29 indicators and references

Ioc 2 min lectura apt29
Fecha
18 Jun 2026
Actor
apt29
Tipo
Ioc
Pais
United States
Sector
Tech
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

30IOCs
0TTPs
apt29Actor
United StatesPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a APT29. Aliases observados: APT29, CloudDuke, CosmicDuke, Cozy Bear, CozyDuke, GeminiDuke, HammerDuke, Midnight Blizzard, MiniDuke, OnionDuke, PinchDuke, SeaDuke. Conteo por tipo: domain: 741, file_path: 23, ipv4: 9, url: 71.

Key Points

  • https://app.validin.com/detail?find=151.236.16.138&type=ip4&ref_id=7e3792beeb8#tab=resolutions
  • https://app.validin.com/detail?find=151.236.16.149&type=ip4&ref_id=d53e5a59923#tab=resolutions
  • https://app.validin.com/detail?find=151.236.16.193&type=ip4&ref_id=d53e5a59923#tab=resolutions
  • https://app.validin.com/detail?find=151.236.16.22&type=ip4&ref_id=9a0b40a1dad#tab=resolutions
  • https://app.validin.com/detail?find=151.236.16.220&type=ip4&ref_id=d53e5a59923#tab=resolutions

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a APT29. Aliases observados: APT29, CloudDuke, CosmicDuke, Cozy Bear, CozyDuke, GeminiDuke, HammerDuke, Midnight Blizzard, MiniDuke, OnionDuke, PinchDuke, SeaDuke. Conteo por tipo: domain: 741, file_path: 23, ipv4: 9, url: 71.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domain1597ebba.info.gtjas.siteAPTTrail
Domain3bcc1bba.info.gtjas.siteAPTTrail
Domain4freerussia.cloudAPTTrail
Domain74d6b7b2.app.giftbox4u.comAPTTrail
Domain7c291bbe.info.gtjas.siteAPTTrail
Domainacciaio.com.brAPTTrail
Domainaccounts-google.onlineAPTTrail
Domainactualcombine.comAPTTrail
Domainadm.govua.cloudAPTTrail
Domainadmin-ch.cloudAPTTrail
Domainaeinc.solutionsAPTTrail
Domainahmed-ms.onlineAPTTrail
Domainairtravelabroad.comAPTTrail
Domainaka-ms.cloudAPTTrail
Domainalbrightstonebridge.cloudAPTTrail
Domainamazonmeeting.cloudAPTTrail
Domainamazonsolutions.cloudAPTTrail
Domainamericanprogress.cloudAPTTrail
Domainap-northeast-1-aws.s3-ua.cloudAPTTrail
Domainap-northeast-1-aws.ukrainesec.cloudAPTTrail
Domainaspeninstitute.cloudAPTTrail
Domainasucloud.usAPTTrail
Domainavis-google.onlineAPTTrail
Domainaws-app.onlineAPTTrail
Domainaws-atshop.onlineAPTTrail
Domainaws-cert.onlineAPTTrail
Domainaws-cloud.onlineAPTTrail
Domainaws-cloud.techAPTTrail
Domainaws-data.cloudAPTTrail
Domainaws-devops.siteAPTTrail

Referencias

Diamond Model

Adversary
apt29
Ver perfil →
Victim
APTTrail: APT29 indicators and references
United States
Capability
Ioc
Infrastructure
1597ebba.info.gtjas.site
3bcc1bba.info.gtjas.site
4freerussia.cloud
74d6b7b2.app.giftbox4u.com

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain 1597ebba.info.gtjas.site APTTrail VT OffSec SOCRadar
Domain 3bcc1bba.info.gtjas.site APTTrail VT OffSec SOCRadar
Domain 4freerussia.cloud APTTrail VT OffSec SOCRadar
Domain 74d6b7b2.app.giftbox4u.com APTTrail VT OffSec SOCRadar
Domain 7c291bbe.info.gtjas.site APTTrail VT OffSec SOCRadar
Domain acciaio.com.br APTTrail VT OffSec SOCRadar
Domain accounts-google.online APTTrail VT OffSec SOCRadar
Domain actualcombine.com APTTrail VT OffSec SOCRadar
Domain adm.govua.cloud APTTrail VT OffSec SOCRadar
Domain admin-ch.cloud APTTrail VT OffSec SOCRadar
Domain aeinc.solutions APTTrail VT OffSec SOCRadar
Domain ahmed-ms.online APTTrail VT OffSec SOCRadar
Domain airtravelabroad.com APTTrail VT OffSec SOCRadar
Domain aka-ms.cloud APTTrail VT OffSec SOCRadar
Domain albrightstonebridge.cloud APTTrail VT OffSec SOCRadar
Domain amazonmeeting.cloud APTTrail VT OffSec SOCRadar
Domain amazonsolutions.cloud APTTrail VT OffSec SOCRadar
Domain americanprogress.cloud APTTrail VT OffSec SOCRadar
Domain ap-northeast-1-aws.s3-ua.cloud APTTrail VT OffSec SOCRadar
Domain ap-northeast-1-aws.ukrainesec.cloud APTTrail VT OffSec SOCRadar
Domain aspeninstitute.cloud APTTrail VT OffSec SOCRadar
Domain asucloud.us APTTrail VT OffSec SOCRadar
Domain avis-google.online APTTrail VT OffSec SOCRadar
Domain aws-app.online APTTrail VT OffSec SOCRadar
Domain aws-atshop.online APTTrail VT OffSec SOCRadar
Domain aws-cert.online APTTrail VT OffSec SOCRadar
Domain aws-cloud.online APTTrail VT OffSec SOCRadar
Domain aws-cloud.tech APTTrail VT OffSec SOCRadar
Domain aws-data.cloud APTTrail VT OffSec SOCRadar
Domain aws-devops.site APTTrail VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor apt29 en el blog → Ver apt29 en IntelTracker → URL IntelTracker: app.validin.com→ URL IntelTracker: app.validin.com→ URL IntelTracker: app.validin.com→ URL IntelTracker: app.validin.com→ URL IntelTracker: app.validin.com→ URL IntelTracker: app.validin.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: app.validin.com→ Fuente OSINT: app.validin.com→ Fuente OSINT: app.validin.com→ Fuente OSINT: app.validin.com → Buscar apt29 en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters