Pivoting through a Sea of indicators to spot Turtles [Thursday, January 11, 2024]


Description :
Sea Turtle is a threat group that tends to swim under the radar, but recently the Ministry of Justice in Greece, PWC, and others before them published reports containing infrastructure currently in use. It was once believed that when an IP or domain was outed publicly, an actor, especially a well-resourced one, would burn it down. In this blog we’ll pull on threads to show that isn’t always the case.

Published : 2024-01-11 23:04:47
Created : 2024-01-11 23:04:47
Modified : 2024-01-11 23:24:13

Indicators

IPv4s :
URLs :
  • www.alarabiyaa.online
Domains :
Hashes :
Intrusion set :
  • Sea Turtle
Location :
  • Türkiye

About the author
Julien B.
