APTTrail: camofei indicators and references

Date: 18 Jun 2026
Actor: camofei
Type: IOC
Country: Unknown
Sector: -
Confidence: high, 100
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

IOCs: 30
TTPs: 0
Executive Summary
APTTrail maintains public indicators associated with camofei. Observed aliases: camofei. Count by type: domain: 59, ipv4: 2, url: 2.

Key Points

  • https://otx.alienvault.com/pulse/64907e470e46bba8d3b68d52
  • https://stairwell.com/news/chamelgang-and-chameldoh-a-dns-over-https-implant/
  • https://stillu.cc/assets/slides/2023-08-Unmasking%20CamoFei.pdf
  • https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/new-apt-group-chamelgang/

Indicators of Compromise (IOCs)

Diamond Model

Adversary: camofei
Victim: APTTrail: camofei indicators and references
Capability: IOC
Infrastructure: api.microsofed.com, app.centralgoogle.com, app.tstartel.org, appupdate.ibmlotus.net
