BlindEagle

BlindEagle (APT-C-36), South America APT. DuckDNS dynamic DNS C2. Spanish GUI. WinRAR SFX delivery. Targets Colombia, Ecuador, Chile.

Threat Profile
Type: RAT
Programming Language: Delphi/AutoIt
C2 Protocol: HTTP
First Seen: 2018
Targets: Latin America
Purpose / Capabilities
  • Remote Access

C2 Servers (2)

Address               Port  Protocol  Status
kbum1963.duckdns.org  443   HTTPS     INACTIVE
remnew.duckdns.org    443   HTTPS     INACTIVE

⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.

Research Reports (1)

Critical

BlindEagle -- kbum1963.duckdns.org + remnew.duckdns.org DuckDNS Dynamic C2, Pulse el Boton Spanish GUI, WinRAR SFX Delivery | Critical

BlindEagle 1.88MB. kbum1963.duckdns.org remnew.duckdns.org DuckDNS dynamic DNS C2. IDS_TITLE1 Pulse el boton Spanish UI. $GETPASSWORD1 WinRAR SFX delivery.
