jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: dinodas indicators and references

APTTrail: dinodas indicators and references

Ioc 2 min lectura dinodas
Fecha
18 Jun 2026
Actor
dinodas
Tipo
Ioc
Pais
Unknown
Sector
Government
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

28IOCs
0TTPs
dinodasActor
UnknownPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a dinodas. Aliases observados: dinodas, dinodasrat, linodas, linodasrat. Conteo por tipo: domain: 12, ipv4: 7, url: 5.

Key Points

  • https://github.com/eset/malware-ioc/tree/master/operation_jacana
  • https://securelist.com/dinodasrat-linux-implant/112284/
  • https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/earth-krahang-exploits-intergovernmental-trust-to-launch-cross-government-attacks/earth_krahang_iocs.txt
  • https://www.trendmicro.com/en_us/research/24/c/earth-krahang.html
  • https://www.virustotal.com/gui/file/15412d1a6b7f79fad45bcd32cf82f9d651d9ccca082f98a0cca3ad5335284e45/detection

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a dinodas. Aliases observados: dinodas, dinodasrat, linodas, linodasrat. Conteo por tipo: domain: 12, ipv4: 7, url: 5.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domain115-126-98-204.hkt.ccAPTTrail
Domain118-99-6-202.hkt.ccAPTTrail
Domaincentos-yum.comAPTTrail
Domainmicrosoft-setting.comAPTTrail
Domainmicrosoft-settings.comAPTTrail
Domainsecurity-microsoft.netAPTTrail
Domainserver-microsoft.comAPTTrail
Domainupdate.centos-yum.comAPTTrail
Domainupdate.microsoft-setting.comAPTTrail
Domainupdate.microsoft-settings.comAPTTrail
Domainupdate.windows.server-microsoft.comAPTTrail
Domainwindows.server-microsoft.comAPTTrail
IP115.126.98.204:443APTTrail
IP118.107.221.43:443APTTrail
IP118.107.221.43:5000APTTrail
IP118.107.221.43:8080APTTrail
IP118.99.6.202:443APTTrail
IP199.231.211.19:30612APTTrail
IP199.231.211.19:8080APTTrail
URLhttp://115.126.98.204APTTrail
URLhttp://118.99.6.202APTTrail
URLhttp://23.106.122.46APTTrail
URLhttp://23.106.122.5APTTrail
URLhttp://23.106.123.166APTTrail

Referencias

Diamond Model

Adversary
dinodas
Ver perfil →
Victim
APTTrail: dinodas indicators and references
Capability
Ioc
Infrastructure
115-126-98-204.hkt.cc
118-99-6-202.hkt.cc
centos-yum.com
microsoft-setting.com

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

16 enlaces
Domain
github.com
IOC compartido
Domain
www.virustotal.com
IOC compartido
Domain
securelist.com
IOC compartido
Domain
www.trendmicro.com
IOC compartido
IntelTracker / OSINT link
github.com
dinodas
enlace asociado al actor
IntelTracker / OSINT link
securelist.com
dinodas
enlace asociado al actor
IntelTracker / OSINT link
www.trendmicro.com
dinodas
enlace asociado al actor
IntelTracker / OSINT link
www.trendmicro.com
dinodas
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
dinodas
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
dinodas
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
dinodas
enlace asociado al actor
IntelTracker / OSINT link
www.virustotal.com
dinodas
enlace asociado al actor
Nodo actual
APTTrail: dinodas indicators and references
dinodas
Victima
APTTrail: apt-c-12 indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT 18 indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: eraleig ransomware indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: vampirebot indicators and references
github.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT CLOUDWIZARD indicators and references
securelist.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT DESERTFALCON indicators and references
www.trendmicro.com securelist.com
IOC compartido
Victima
APTTrail: crouching yeti indicators and references
securelist.com www.virustotal.com
IOC compartido
Victima
APTTrail: APT GROUNDBAIT indicators and references
github.com www.virustotal.com
IOC compartido

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain 115-126-98-204.hkt.cc APTTrail VT OffSec SOCRadar
Domain 118-99-6-202.hkt.cc APTTrail VT OffSec SOCRadar
Domain centos-yum.com APTTrail VT OffSec SOCRadar
Domain microsoft-setting.com APTTrail VT OffSec SOCRadar
Domain microsoft-settings.com APTTrail VT OffSec SOCRadar
Domain security-microsoft.net APTTrail VT OffSec SOCRadar
Domain server-microsoft.com APTTrail VT OffSec SOCRadar
Domain update.centos-yum.com APTTrail VT OffSec SOCRadar
Domain update.microsoft-setting.com APTTrail VT OffSec SOCRadar
Domain update.microsoft-settings.com APTTrail VT OffSec SOCRadar
Domain update.windows.server-microsoft.com APTTrail VT OffSec SOCRadar
Domain windows.server-microsoft.com APTTrail VT OffSec SOCRadar
IP 115.126.98.204:443 APTTrail VT OffSec SOCRadar
IP 118.107.221.43:443 APTTrail VT OffSec SOCRadar
IP 118.107.221.43:5000 APTTrail VT OffSec SOCRadar
IP 118.107.221.43:8080 APTTrail VT OffSec SOCRadar
IP 118.99.6.202:443 APTTrail VT OffSec SOCRadar
IP 199.231.211.19:30612 APTTrail VT OffSec SOCRadar
IP 199.231.211.19:8080 APTTrail VT OffSec SOCRadar
URL http://115.126.98.204 APTTrail VT OffSec SOCRadar
URL http://118.99.6.202 APTTrail VT OffSec SOCRadar
URL http://23.106.122.46 APTTrail VT OffSec SOCRadar
URL http://23.106.122.5 APTTrail VT OffSec SOCRadar
URL http://23.106.123.166 APTTrail VT OffSec SOCRadar
Domain github.com Extraido del contenido VT OffSec SOCRadar
Domain securelist.com Extraido del contenido VT OffSec SOCRadar
Domain www.trendmicro.com Extraido del contenido VT OffSec SOCRadar
Domain www.virustotal.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor dinodas en el blog → Ver dinodas en IntelTracker → URL IntelTracker: github.com→ URL IntelTracker: securelist.com→ URL IntelTracker: www.trendmicro.com→ URL IntelTracker: www.trendmicro.com→ URL IntelTracker: www.virustotal.com→ URL IntelTracker: www.virustotal.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: github.com→ Fuente OSINT: securelist.com→ Fuente OSINT: www.trendmicro.com→ Fuente OSINT: www.trendmicro.com → Buscar dinodas en APTTrail → Repositorio APTTrail → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters