jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: clntend indicators and references

APTTrail: clntend indicators and references

Ioc 2 min lectura clntend
Fecha
18 Jun 2026
Actor
clntend
Tipo
Ioc
Pais
Taiwan
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

24IOCs
0TTPs
clntendActor
TaiwanPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a clntend. Aliases observados: clntend, cxclnt, tidrone. Conteo por tipo: domain: 21, ipv4: 1.

Key Points

  • https://www.trendmicro.com/en_us/research/24/i/tidrone-targets-military-and-satellite-industries-in-taiwan.html
  • https://www.virustotal.com/gui/file/062b4a8f62ddc0ec1413c53e2603ca35262c39d5197f6373f17f3e901d023804/detection
  • https://www.virustotal.com/gui/file/1f000332e413990043f2d0937b57b0599e0125ef367d9a5a557834e240493aa5/detection
  • https://www.virustotal.com/gui/file/33168e7a4f00990778a0187d656ee3d3579a22c1c1786d4fe7e66fa2e089bb9b/detection
  • https://www.virustotal.com/gui/file/35bd7839a815d65604f3ca85a3c473266c31779946728b9a14dc6020f0b707ac/detection

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a clntend. Aliases observados: clntend, cxclnt, tidrone. Conteo por tipo: domain: 21, ipv4: 1.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domainauto-update.microsoftsvc.comAPTTrail
Domainbestadll.fghytr.comAPTTrail
Domainclient.wns.windowswns.comAPTTrail
Domaineupractic.s3.ap-east-1.amazonaws.comAPTTrail
Domainfghytr.comAPTTrail
Domainhp.kt168.orgAPTTrail
Domainmicrosoftsvc.comAPTTrail
Domainonmondayr.s3.ap-east-1.amazonaws.comAPTTrail
Domainserver.microsoftsvc.comAPTTrail
Domainservice.symantecsecuritycloud.comAPTTrail
Domainsymantecsecuritycloud.comAPTTrail
Domaintime.vmwaresync.comAPTTrail
Domaintotting.s3.ap-east-1.amazonaws.comAPTTrail
Domaintpckcapital.topAPTTrail
Domainupdate.microsoftsvc.comAPTTrail
Domainupgrade.microsoftsvc.comAPTTrail
Domainuppaycn.comAPTTrail
Domainvmwaresync.comAPTTrail
Domainwindowswns.comAPTTrail
Domainwns.windowswns.comAPTTrail
Domainwot.tpckcapital.topAPTTrail
IP154.23.184.30:5178APTTrail

Referencias

Diamond Model

Adversary
clntend
Ver perfil →
Victim
APTTrail: clntend indicators and references
Taiwan
Capability
Ioc
Infrastructure
auto-update.microsoftsvc.com
bestadll.fghytr.com
client.wns.windowswns.com
eupractic.s3.ap-east-1.amazonaws.com

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

16 enlaces
Domain
www.virustotal.com
IOC compartido
Domain
www.trendmicro.com
IOC compartido
IntelTracker / OSINT link
www.trendmicro.com
clntend
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
clntend
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
clntend
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
clntend
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
clntend
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
clntend
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
clntend
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
clntend
enlace asociado al actor
Nodo actual
APTTrail: clntend indicators and references
clntend · Taiwan
Victima
APTTrail: dinodas indicators and references
www.trendmicro.com www.virustotal.com
IOC compartido
Victima
APTTrail: apt-c-12 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: APT 18 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: APT 30 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: APT 45 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: apt-c-60 indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: eraleig ransomware indicators and references
www.virustotal.com
IOC compartido
Victima
APTTrail: APT ATLASCROSS indicators and references
www.virustotal.com
IOC compartido

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain auto-update.microsoftsvc.com APTTrail VT OffSec SOCRadar
Domain bestadll.fghytr.com APTTrail VT OffSec SOCRadar
Domain client.wns.windowswns.com APTTrail VT OffSec SOCRadar
Domain eupractic.s3.ap-east-1.amazonaws.com APTTrail VT OffSec SOCRadar
Domain fghytr.com APTTrail VT OffSec SOCRadar
Domain hp.kt168.org APTTrail VT OffSec SOCRadar
Domain microsoftsvc.com APTTrail VT OffSec SOCRadar
Domain onmondayr.s3.ap-east-1.amazonaws.com APTTrail VT OffSec SOCRadar
Domain server.microsoftsvc.com APTTrail VT OffSec SOCRadar
Domain service.symantecsecuritycloud.com APTTrail VT OffSec SOCRadar
Domain symantecsecuritycloud.com APTTrail VT OffSec SOCRadar
Domain time.vmwaresync.com APTTrail VT OffSec SOCRadar
Domain totting.s3.ap-east-1.amazonaws.com APTTrail VT OffSec SOCRadar
Domain tpckcapital.top APTTrail VT OffSec SOCRadar
Domain update.microsoftsvc.com APTTrail VT OffSec SOCRadar
Domain upgrade.microsoftsvc.com APTTrail VT OffSec SOCRadar
Domain uppaycn.com APTTrail VT OffSec SOCRadar
Domain vmwaresync.com APTTrail VT OffSec SOCRadar
Domain windowswns.com APTTrail VT OffSec SOCRadar
Domain wns.windowswns.com APTTrail VT OffSec SOCRadar
Domain wot.tpckcapital.top APTTrail VT OffSec SOCRadar
IP 154.23.184.30:5178 APTTrail VT OffSec SOCRadar
Domain www.trendmicro.com Extraido del contenido VT OffSec SOCRadar
Domain www.virustotal.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor clntend en el blog → Ver clntend en IntelTracker → URL IntelTracker: www.trendmicro.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: www.trendmicro.com→ Fuente OSINT: www.virustotal.com→ Fuente OSINT: www.virustotal.com→ Fuente OSINT: www.virustotal.com → Buscar clntend en APTTrail → Repositorio APTTrail → Mas incidentes en Taiwan → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters