APTTrail: danbot indicators and references

Date
18 Jun 2026
Actor
danbot
Type
Ioc
Country
Russia
Sector
-
Confidence
high
100
Analytic priority
High

Based on actor, country, IOCs, TTPs, leak and context quality.

30 IOCs
0 TTPs
Actor: danbot
Country: Russia
Executive Summary
APTTrail maintains public indicators associated with danbot. Observed aliases: danbot, hexane, lyceum. Count by type: domain: 45, ipv4: 7.

Key Points

  • https://medium.com/@Manu_De_Lucia/exploding-the-danbot-code-to-hunt-for-hexanes-cyber-weapon-3d466775f480
  • https://otx.alienvault.com/pulse/5d656065aaa9ac9b19ef75c2
  • https://otx.alienvault.com/pulse/611cebb137fe5c6475b044f5
  • https://otx.alienvault.com/pulse/624c29baad734a210134b02c
  • https://otx.alienvault.com/pulse/6298718ccb0c8c00f0485af3

Indicators of Compromise (IOCs)


Diamond Model

Adversary
danbot
Victim
APTTrail: danbot indicators and references
Russia
Capability
Ioc
Infrastructure
akastatus.com
bsolutions-cloude.com
centosupdatecdn.com
cloudmsn.net
