APTTrail: BlueBravo indicators and references

Date: 18 Jun 2026
Actor: bluebravo
Type: Ioc
Country: Unknown
Sector: -
Confidence: high, 100
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

30 IOCs
0 TTPs
Executive Summary
APTTrail maintains public indicators associated with BlueBravo. Observed aliases: BlueBravo, NOBELIUM, SilverFish, dark halo, goldfinder, goldmax, raindrop, sibot, solorigate, stellarparticle, sunburst, sunshuttle. Count by type: domain: 192, file_path: 13, ipv4: 16, url: 4.

Key Points

  • https://blog.talosintelligence.com/2020/12/solarwinds-supplychain-coverage.html
  • https://community.riskiq.com/article/9a515637/description
  • https://github.com/blackorbird/APT_REPORT/blob/master/SunBurst/SilverFish_Solarwinds.pdf
  • https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf (# GraphicalNeutrino)
  • https://news.sophos.com/en-us/2021/02/03/mtr-casebook-uncovering-a-backdoor-implant-in-a-solarwinds-orion-server/

Indicators of Compromise (IOCs)


Diamond Model

Adversary: bluebravo
Victim: APTTrail: BlueBravo indicators and references
Capability: Ioc
Leak: 925 TB
Infrastructure:

  • 1cloudserver.com
  • 40ort.750.credit
  • 6a57jk2ba1d9keg15cbg.appsync-api.eu-west-1.avsvmcloud.com
  • 74d6b7b2.app.giftbox4u.com
