APTTrail: fakem indicators and references

Date: 18 Jun 2026
Actor: fakem
Type: Ioc
Country: United States
Sector: -
Confidence: high (100)
Analytic priority: High

Based on actor, country, IOCs, TTPs, leak and context quality.

IOCs: 30
TTPs: 0
Executive Summary
APTTrail maintains public indicators associated with fakem. Observed aliases: fakem, fakemrat. Count by type: domain: 79, ipv4: 2.

Key Points

  • http://researchcenter.paloaltonetworks.com/2016/01/scarlet-mimic-years-long-espionage-targets-minority-activists/
  • https://github.com/kbandla/APTnotes/blob/master/2013/wp-fakem-rat.pdf
  • https://www.virustotal.com/gui/file/81f6b4d95e52ffe48aa39eb5b619893017db1b4600482574b082563bd9544934/detection

Indicators of Compromise (IOCs)

Diamond Model

Adversary: fakem
Victim: APTTrail: fakem indicators and references (United States)
Capability: Ioc
Infrastructure:

  • aaa123.spdns.de
  • account.websurprisemail.com
  • accounts.yourturbe.org
  • addi.apple.cloudns.org
