APTTrail Summary
APTTrail maintains public indicators associated with snappytcp. Observed aliases: snappytcp. Count by type: domain: 33, file_path: 1, ipv4: 1, url: 13.
Indicators of Compromise (IOCs)
References
- https://blog.strikeready.com/blog/pivoting-through-a-sea-of-indicators-to-spot-turtles/
- https://blog.talosintelligence.com/seaturtle/
- https://otx.alienvault.com/pulse/65a0740fefe93d8593b812af
- https://www.huntandhackett.com/blog/turkish-espionage-campaigns
- https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/tortoise-and-malwahare.html
- https://www.virustotal.com/gui/file/d7164daf135404a0f0851ffe126a0a0afe17d7f1e68717617feb9cfc3deea89c/detection