jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: BackdoorDiplomacy indicators and references

APTTrail: BackdoorDiplomacy indicators and references

Ioc 1 min lectura backdoordiplomacy
Fecha
18 Jun 2026
Actor
backdoordiplomacy
Tipo
Ioc
Pais
United States
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

30IOCs
1TTPs
backdoordiplomacyActor
United StatesPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a BackdoorDiplomacy. Aliases observados: BackdoorDiplomacy, Quarian, Turian. Conteo por tipo: domain: 67.

Key Points

  • https://github.com/advanced-threat-research/IOCs/blob/master/2013/2013-10-07-quarian-group-targets-victims-with-spearphishing-attacks/quarian-group-targets-victims-with-spearphishing-attacks.csv
  • https://otx.alienvault.com/pulse/60c341dc8964edd2e2fcb651
  • https://otx.alienvault.com/pulse/6390cbe098c9fb94d48e7a1c
  • https://otx.alienvault.com/pulse/63c82cfb80f9e85b9b69c3cc
  • https://unit42.paloaltonetworks.com/playful-taurus/

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a BackdoorDiplomacy. Aliases observados: BackdoorDiplomacy, Quarian, Turian. Conteo por tipo: domain: 67.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domain250f7cloud.crmdev.orgAPTTrail
Domain29c04uc.ejalase.orgAPTTrail
Domain62ffauc.ejalase.orgAPTTrail
Domain7f4d9fcanet.microsoftshop.orgAPTTrail
Domainadboeonline.netAPTTrail
Domainalberto2011.comAPTTrail
Domainandyothers.acmetoy.comAPTTrail
Domainbill.microsoftbuys.comAPTTrail
Domainbuffetfactory.oicp.ioAPTTrail
Domaincloud.fastpaymentser-vice.comAPTTrail
Domaincloud.microsoftshop.orgAPTTrail
Domaincloud.skypecloud.netAPTTrail
Domaincrmdev.orgAPTTrail
Domaindelldrivers.inAPTTrail
Domaindnsupdate.dns1.usAPTTrail
Domaindnsupdate.dns2.usAPTTrail
Domaindynsystem.imbbs.inAPTTrail
Domainefanshion.comAPTTrail
Domainejalase.orgAPTTrail
Domainfastpaymentser-vice.comAPTTrail
Domainfazlol-lah.netAPTTrail
Domainfazlollah.netAPTTrail
Domainfreedns02.dns2.usAPTTrail
Domainicta.worldmessg.comAPTTrail
Domaininfo.fazlol-lah.netAPTTrail
Domaininfo.fazlollah.netAPTTrail
Domaininfo.payamra-dio.comAPTTrail
Domaininfo.payamradio.comAPTTrail
Domainintelupdate.dns1.usAPTTrail
Domainirir.orgAPTTrail

Referencias

Diamond Model

Adversary
backdoordiplomacy
Ver perfil →
Victim
APTTrail: BackdoorDiplomacy indicators and references
United States
Capability
Ioc
1 TTPs MITRE
Infrastructure
250f7cloud.crmdev.org
29c04uc.ejalase.org
62ffauc.ejalase.org
7f4d9fcanet.microsoftshop.org

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain 250f7cloud.crmdev.org APTTrail VT OffSec SOCRadar
Domain 29c04uc.ejalase.org APTTrail VT OffSec SOCRadar
Domain 62ffauc.ejalase.org APTTrail VT OffSec SOCRadar
Domain 7f4d9fcanet.microsoftshop.org APTTrail VT OffSec SOCRadar
Domain adboeonline.net APTTrail VT OffSec SOCRadar
Domain alberto2011.com APTTrail VT OffSec SOCRadar
Domain andyothers.acmetoy.com APTTrail VT OffSec SOCRadar
Domain bill.microsoftbuys.com APTTrail VT OffSec SOCRadar
Domain buffetfactory.oicp.io APTTrail VT OffSec SOCRadar
Domain cloud.fastpaymentser-vice.com APTTrail VT OffSec SOCRadar
Domain cloud.microsoftshop.org APTTrail VT OffSec SOCRadar
Domain cloud.skypecloud.net APTTrail VT OffSec SOCRadar
Domain crmdev.org APTTrail VT OffSec SOCRadar
Domain delldrivers.in APTTrail VT OffSec SOCRadar
Domain dnsupdate.dns1.us APTTrail VT OffSec SOCRadar
Domain dnsupdate.dns2.us APTTrail VT OffSec SOCRadar
Domain dynsystem.imbbs.in APTTrail VT OffSec SOCRadar
Domain efanshion.com APTTrail VT OffSec SOCRadar
Domain ejalase.org APTTrail VT OffSec SOCRadar
Domain fastpaymentser-vice.com APTTrail VT OffSec SOCRadar
Domain fazlol-lah.net APTTrail VT OffSec SOCRadar
Domain fazlollah.net APTTrail VT OffSec SOCRadar
Domain freedns02.dns2.us APTTrail VT OffSec SOCRadar
Domain icta.worldmessg.com APTTrail VT OffSec SOCRadar
Domain info.fazlol-lah.net APTTrail VT OffSec SOCRadar
Domain info.fazlollah.net APTTrail VT OffSec SOCRadar
Domain info.payamra-dio.com APTTrail VT OffSec SOCRadar
Domain info.payamradio.com APTTrail VT OffSec SOCRadar
Domain intelupdate.dns1.us APTTrail VT OffSec SOCRadar
Domain irir.org APTTrail VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor backdoordiplomacy en el blog → Ver backdoordiplomacy en IntelTracker → URL IntelTracker: github.com→ URL IntelTracker: otx.alienvault.com→ URL IntelTracker: otx.alienvault.com→ URL IntelTracker: otx.alienvault.com→ URL IntelTracker: unit42.paloaltonetworks.com→ URL IntelTracker: www.bitdefender.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: github.com→ Fuente OSINT: otx.alienvault.com→ Fuente OSINT: otx.alienvault.com→ Fuente OSINT: otx.alienvault.com → Buscar backdoordiplomacy en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters