← Back to Pulse Feed
PULSE DETAIL
# Mirage - Threat Actor Profile
**Report Date**: 2025-05-08
**Actor Type**: unknown
## Description
Mirage is a sophisticated cyber espionage group believed to be linked to Chinas Peoples Liberation Army PLA. The groups primary focus is on intelligence gathering, targeting sectors like aerospace and defense. They employ a variety of tactics and tools, including custom malware.
## Targeted Sectors
* Administración pública
* Transporte aéreo
* Manufactura
* Investigación y tecnología espacial
* Servicios públicos
* ... y 10 más
## Targeted Countries
* República Dominicana
* India 2
* Ghana
* Siria
* Venezuela
* ... y 61 más
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| CVE | CVE-2012-0158 | IOC associated with Mirage | 2025-05-08 | |
| CVE | CVE-2015-2546 | IOC associated with Mirage | 2025-05-08 | |
| CVE | CVE-2017-11882 | IOC associated with Mirage | 2025-05-08 | |
| CVE | CVE-2021-31207 | IOC associated with Mirage | 2025-05-08 | |
| CVE | CVE-2021-34473 | IOC associated with Mirage | 2025-05-08 | |
| CVE | CVE-2021-34523 | IOC associated with Mirage | 2025-05-08 | |
| hostname | 6b4s.popmonster.ru | IOC associated with Mirage | 2025-05-08 | |
| hostname | 9356.popmonster.ru | IOC associated with Mirage | 2025-05-08 | |
| domain | actuallys.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | afg.collinformations.com | IOC associated with Mirage | 2025-05-08 | |
| domain | andspurs.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | apps.androidupdated.net | IOC associated with Mirage | 2025-05-08 | |
| domain | asistechs.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | b.popmonster.ru | IOC associated with Mirage | 2025-05-08 | |
| domain | baddadsclub.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | bat.androidupdated.net | IOC associated with Mirage | 2025-05-08 | |
| domain | beltsymd.org | IOC associated with Mirage | 2025-05-08 | |
| domain | cancelle.net | IOC associated with Mirage | 2025-05-08 | |
| domain | cavanic9.net | IOC associated with Mirage | 2025-05-08 | |
| domain | cognacbrown.co.uk | IOC associated with Mirage | 2025-05-08 | |
| domain | cyclophilit.com | IOC associated with Mirage | 2025-05-08 | |
| domain | cyprus-villas.org | IOC associated with Mirage | 2025-05-08 | |
| domain | delldrivers.in | IOC associated with Mirage | 2025-05-08 | |
| domain | dmsz.org | IOC associated with Mirage | 2025-05-08 | |
| domain | dnsapp.info | IOC associated with Mirage | 2025-05-08 | |
| domain | flygram.org | IOC associated with Mirage | 2025-05-08 | |
| domain | gandeste.net | IOC associated with Mirage | 2025-05-08 | |
| domain | geordie.land | IOC associated with Mirage | 2025-05-08 | |
| domain | goodtobeloved.com | IOC associated with Mirage | 2025-05-08 | |
| domain | gsenergyspeedtest.com | IOC associated with Mirage | 2025-05-08 | |
| domain | gupdate.us | IOC associated with Mirage | 2025-05-08 | |
| domain | hpupdate.net | IOC associated with Mirage | 2025-05-08 | |
| domain | installcb.online | IOC associated with Mirage | 2025-05-08 | |
| domain | kamikirim.my.id | IOC associated with Mirage | 2025-05-08 | |
| hostname | kdr.zarkada.ru | IOC associated with Mirage | 2025-05-08 | |
| hostname | ksbyz.jelikob.ru | IOC associated with Mirage | 2025-05-08 | |
| hostname | log.autocount.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | mail.indiarailways.net | IOC associated with Mirage | 2025-05-08 | |
| hostname | mail.pmumail.com | IOC associated with Mirage | 2025-05-08 | |
| domain | mfaantivirus.xyz | IOC associated with Mirage | 2025-05-08 | |
| hostname | micakiz.wikaba.org | IOC associated with Mirage | 2025-05-08 | |
| domain | moneybac.ru | IOC associated with Mirage | 2025-05-08 | |
| domain | mssync.one | IOC associated with Mirage | 2025-05-08 | |
| domain | msupdate.top | IOC associated with Mirage | 2025-05-08 | |
| hostname | news.memozilla.org | IOC associated with Mirage | 2025-05-08 | |
| domain | newsinlevel.cc | IOC associated with Mirage | 2025-05-08 | |
| domain | perusmartcity.com | IOC associated with Mirage | 2025-05-08 | |
| domain | pfs1010.com | IOC associated with Mirage | 2025-05-08 | |
| domain | pfs1010.xyz | IOC associated with Mirage | 2025-05-08 | |
| hostname | proxy.oracleapps.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | proxy1.signalplus.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | proxy2.signalplus.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | proxy3.signalplus.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | proxy4.signalplus.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | proxy5.signalplus.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | proxy6.signalplus.org | IOC associated with Mirage | 2025-05-08 | |
| domain | ridingduck.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | rmxlqabmvfnw4wp4.onion.gq | IOC associated with Mirage | 2025-05-08 | |
| hostname | run.linodepower.com | IOC associated with Mirage | 2025-05-08 | |
| domain | sanchaar.net | IOC associated with Mirage | 2025-05-08 | |
| hostname | scm.oracleapps.org | IOC associated with Mirage | 2025-05-08 | |
| domain | sherence.ru | IOC associated with Mirage | 2025-05-08 | |
| domain | signalplus.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | singa.linodepower.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | test1.zhangliyong.cn | IOC associated with Mirage | 2025-05-08 | |
| domain | thehollow.co | IOC associated with Mirage | 2025-05-08 | |
| domain | thelastxmas.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | update.adboeonline.net | IOC associated with Mirage | 2025-05-08 | |
| hostname | update.delldrivers.in | IOC associated with Mirage | 2025-05-08 | |
| domain | upmirror.top | IOC associated with Mirage | 2025-05-08 | |
| hostname | ve0.popmonster.ru | IOC associated with Mirage | 2025-05-08 | |
| domain | verisims.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | video.memozilla.org | IOC associated with Mirage | 2025-05-08 | |
| domain | wwindows.data | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.atomicmatryoshka.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.baddadsclub.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.birdsvpn.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.brunomassage.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.ciphertechsolutions.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.delhiopera.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.delldrivers.in | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.flygram.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.geordie.land | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.goodtobeloved.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.hpupdate.net | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.latavernaalmonte.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.numupdate.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.pmshyptest.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.pubsectors.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.signalplus.org | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.thelastxmas.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | www.zitoart.com | IOC associated with Mirage | 2025-05-08 | |
| hostname | xre.popmonster.ru | IOC associated with Mirage | 2025-05-08 | |
| domain | yusufwelding.com | IOC associated with Mirage | 2025-05-08 | |
| domain | zipcodeterm.com | IOC associated with Mirage | 2025-05-08 |