jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: AUDITUNNEL indicators and references

APTTrail: AUDITUNNEL indicators and references

Ioc 1 min lectura auditunnel
Fecha
18 Jun 2026
Actor
auditunnel
Tipo
Ioc
Pais
Unknown
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

14IOCs
0TTPs
auditunnelActor
UnknownPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a AUDITUNNEL. Aliases observados: AUDITUNNEL, IHS Back-Connect backdoor. Conteo por tipo: ipv4: 7, url: 5.

Key Points

  • https://otx.alienvault.com/pulse/6511e50028c3953453406132
  • https://www.secureworks.com/research/gold-melody-profile-of-an-initial-access-broker

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a AUDITUNNEL. Aliases observados: AUDITUNNEL, IHS Back-Connect backdoor. Conteo por tipo: ipv4: 7, url: 5.

Indicadores de Compromiso (IOCs)

TipoValorContexto
IP149.28.193.216:443APTTrail
IP149.28.200.140:443APTTrail
IP149.28.207.120:443APTTrail
IP195.123.240.183:443APTTrail
IP40.76.20.11:21APTTrail
IP64.190.113.185:443APTTrail
IP67.205.135.147:53APTTrail
URLhttp://149.28.193.216APTTrail
URLhttp://149.28.200.140APTTrail
URLhttp://149.28.207.120APTTrail
URLhttp://195.123.240.183APTTrail
URLhttp://64.190.113.185APTTrail

Referencias

Diamond Model

Adversary
auditunnel
Ver perfil →
Victim
APTTrail: AUDITUNNEL indicators and references
Capability
Ioc
Infrastructure
149.28.193.216:443
149.28.200.140:443
149.28.207.120:443
195.123.240.183:443

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
IP 149.28.193.216:443 APTTrail VT OffSec SOCRadar
IP 149.28.200.140:443 APTTrail VT OffSec SOCRadar
IP 149.28.207.120:443 APTTrail VT OffSec SOCRadar
IP 195.123.240.183:443 APTTrail VT OffSec SOCRadar
IP 40.76.20.11:21 APTTrail VT OffSec SOCRadar
IP 64.190.113.185:443 APTTrail VT OffSec SOCRadar
IP 67.205.135.147:53 APTTrail VT OffSec SOCRadar
URL http://149.28.193.216 APTTrail VT OffSec SOCRadar
URL http://149.28.200.140 APTTrail VT OffSec SOCRadar
URL http://149.28.207.120 APTTrail VT OffSec SOCRadar
URL http://195.123.240.183 APTTrail VT OffSec SOCRadar
URL http://64.190.113.185 APTTrail VT OffSec SOCRadar
Domain otx.alienvault.com Extraido del contenido VT OffSec SOCRadar
Domain www.secureworks.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor auditunnel en el blog → Ver auditunnel en IntelTracker → URL IntelTracker: otx.alienvault.com→ URL IntelTracker: www.secureworks.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: otx.alienvault.com→ Fuente OSINT: www.secureworks.com → Buscar auditunnel en APTTrail → Repositorio APTTrail → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters