APTTrail: babyshark indicators and references

Date: 18 Jun 2026
Actor: babyshark
Type: Ioc
Country: United States
Sector: -
Confidence: high, 100
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

IOCs: 19
TTPs: 0
Executive Summary
APTTrail maintains public indicators associated with babyshark. Observed aliases: babyshark, kimjongrat. Count by type: domain: 15, file_path: 2.

Key Points

  • https://asert.arbornetworks.com/stolen-pencil-campaign-targets-academia/
  • https://unit42.paloaltonetworks.com/babyshark-malware-part-two-attacks-continue-using-kimjongrat-and-pcrat/
  • https://unit42.paloaltonetworks.com/new-babyshark-malware-targets-u-s-national-security-think-tanks/

Indicators of Compromise (IOCs)


Diamond Model

Adversary
babyshark
Victim
APTTrail: babyshark indicators and references
United States
Capability
Ioc
Infrastructure
bizsonet.ayar.biz
bizsonet.com
client-message.com
client-screenfonts.com

