BlindEagle
BlindEagle (APT-C-36) South America APT. DuckDNS dynamic DNS C2. Spanish GUI. WinRAR SFX delivery. Targets Colombia, Ecuador, Chile.
Threat Profile
Type: RAT
Programming Language: Delphi/AutoIt
C2 Protocol: HTTP
First Seen: 2018
Targets
Latin America
Purpose / Capabilities
- Remote Access
C2 Servers (2)
| Address | Port | Protocol | Status |
|---|---|---|---|
| kbum1963.duckdns.org | 443 | HTTPS | INACTIVE |
| remnew.duckdns.org | 443 | HTTPS | INACTIVE |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (1)
BlindEagle -- kbum1963.duckdns.org + remnew.duckdns.org DuckDNS Dynamic C2, "Pulse el Boton" Spanish GUI, WinRAR SFX Delivery | Critical
BlindEagle 1.88 MB. kbum1963.duckdns.org remnew.duckdns.org DuckDNS dynamic DNS C2. IDS_TITLE1 "Pulse el boton" Spanish UI. $GETPASSWORD1 WinRAR SFX delivery.