ioc[.]one - OSINT Cyber Threat Intelligence Database

Vidar stealer campaign targeting Baltic region and NATO entities

Tags

country:	Estonia Latvia Lithuania Poland
attack-pattern:	Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Social Media - T1593.001

Show in Graph

Common Information

Type	Value
UUID	c5cd0d1c-8892-4079-8b6a-74e276baab88
Fingerprint	9c34fc738b9ea38a
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 27, 2021, midnight
Added to db	Aug. 31, 2024, 1:37 a.m.
Last updated	Nov. 14, 2024, 5:03 p.m.
Headline	Social media
Title	Vidar stealer campaign targeting Baltic region and NATO entities
Detected Hints/Tags/Attributes	31/2/76

Source URLs

	Redirection	Url
Details	Source	https://cert.pl/en/posts/2021/10/vidar-campaign/

URL Provider

Details	Provider	Source level domain
Details	cert.pl	cert.pl

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	81	✔	CERT Polska	https://cert.pl/en/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	ccdcoe.ee
Details	Domain	4	ccdcoe.org
Details	Domain	2	stratcomcoe.org
Details	Domain	1	enseccoe.org
Details	Domain	1	sab.gov.lv
Details	Domain	1	midd.gov.lv
Details	Domain	1	dp.gov.lv
Details	Domain	1	rs.gov.lv
Details	Domain	1	vp.gov.lv
Details	Domain	1	mod.gov.lv
Details	Domain	5	cert.lv
Details	Domain	1	mil.lv
Details	Domain	1	gov.lt
Details	Domain	1	mil.lt
Details	Domain	1	vsd.lt
Details	Domain	1	vrm.lt
Details	Domain	1	stt.lt
Details	Domain	1	kapo.ee
Details	Domain	1	politsei.ee
Details	Domain	1	aw.gov.pl
Details	Domain	2	abw.gov.pl
Details	Domain	1	strazgraniczna.pl
Details	Domain	1	bbn.gov.pl
Details	Domain	1	sww.gov.pl
Details	Domain	1	mon.gov.pl
Details	Domain	1	skw.gov.pl
Details	Domain	101	cert.pl
Details	Domain	97	abuse.ch
Details	Domain	22	mas.to
Details	File	40	gov.pl
Details	File	1	strazgraniczna.pl
Details	File	99	cert.pl
Details	sha256	1	b115531ef23c109fb58c392379b7f55eff11169e1317b263da60edd9ac98f6b1
Details	sha256	1	abed3750173760a9bcc5f6d78ccdd3557ce27135c8c5e6e593a9a7387e738c4e
Details	sha256	1	77737d30b68a8fa75847570bfaa2c718875c532de61d7a5643504a1ac892a330
Details	sha256	1	9405f9084c8ec3eff442b83c20928fceb3e6372d504381b0527a7512a9889231
Details	sha256	1	062c573497b73b4feaa77a78c2c76f6b095e51de635ac936e034f72afa081ecf
Details	sha256	1	c8aa42e07176d24c933d1e2bc4f0052b2973f98fc6e395d90f09e07dbf7c0585
Details	sha256	1	736b919068232acf7aae67e3ca5e915c89faade4110b31ff75c249ade1991ef6
Details	sha256	1	ebe82a7d2f2f9989a5e4ef6a4602a8224abdff7aef5baa6beacb5977c02ac3e0
Details	sha256	1	dbc78e2174ea6ef2807de19d0c1c60d0d027ce3d83a001d0d1bb603afad2f961
Details	sha256	1	106d93ced41d81795f66bb29ad5c847a25a1e2c094fe28a67dc576f1c33fcad4
Details	sha256	1	d7480662bc7ee6dc38227ea381978553b1774774e4a0a70ea3bf6aebbca48622
Details	sha256	1	4bc52cd8296fcffc22b5ca8ebf2b161260d71c8d34658f45c9c93cf6d65749e9
Details	sha256	1	4b3e6a191ab050a87aeeb8a650290c4e217e9508971beeb929417d13d89292e2
Details	sha256	1	c95d04ae659ff27da971c970ec072ffbec37551120fe8c395d5455fba4139d0d
Details	sha256	1	6aae67d87cd2ef23c4b9265c8e83db5142f00154e66e47b1e54219cea794682b
Details	sha256	1	aad6294207c2facfebf440fa5d52804422edbf9c9e9adb4a7aaff0310b1c5d11
Details	sha256	1	43b31ea75f3c0666523aefc13e216a651e8e93feaeff1165cb35ed374365cdd6
Details	sha256	1	d7b0380241e4d47fc00e72faa08831b51b0ae360d5ccc45717f39f3106c3020a
Details	sha256	1	995d009e2fa6b510a0251895e0e71d0709ebfdeac782eae91caa3b4ee30bd29b
Details	sha256	1	6c2ad98af84288aff6f49ae92f9f71befbfaa4ac35d1a05b1441f1ce15124ee0
Details	sha256	1	3276f5cb5545e19704b1ef2897c17d721d6e156323f48f19275997d3cc62d005
Details	sha256	1	ee6cb977e78651d7b9a3fd412a40f6e2cd1501f05b04c49e744db35c83181132
Details	sha256	1	22dbf29f7b7ee63da9418ab462b83e242823b83af7d697e7cf34796febc4d884
Details	sha256	1	149d9555994e5930d863674a2c55d295d5a19446bed86ef1079ccbbbdae9975f
Details	sha256	1	90618d3aa5146d27b46476a4c7bfcc2e5323b74dcbcf2c0af6b4f00c4c2d9297
Details	sha256	1	7a5444f5316764d3960132052abe097784a29b7390e0ece10c86b804c125100f
Details	sha256	1	98ee19dbbe959081f2d95b7f56af58fcb7ecdc5b85bb9ee13775376b9bad1ccf
Details	sha256	1	9fefd930a1cc7b257fe5a65bc3eda3167bc0f82895f288fc34eaca3411b2688b
Details	sha256	1	11a83b7f651c007cef7ca9490fc560dbfda8cd6b538199e277047c8087c7cee0
Details	sha256	1	611796a36903059a2d1725d7849a375b9aa2902254c0d5f5fa2122e83570ea3a
Details	sha256	1	7ec5f24e6f59719e6c071ec719dcfcbe8e48f5293f493b903f19446c1815048b
Details	sha256	1	518e682b4f0226db5e1abb7b62a32a2f46db719b6c407317273cbef56c811657
Details	sha256	1	bf4d1dcd4b9129f47ec4239fa5a33e00c981e5fac5b8be880b76d2a1f5753c34
Details	sha256	1	d9b6823ca8e13b78c269c5d21e948dbab625ea87d3370d163eeabeb3822aef56
Details	sha256	1	8a2abfa467352b278a1233aead9dffbb23a6d17bd50fe22e275ca92a1911c23c
Details	sha256	1	1fbbaa6cfa20d6e11a3e5e4ba0702f608d474cbf5a86eef891fb57a671c684be
Details	sha256	1	2692f4594cebfa3afca882274dc1432fea1ccbc7d3f37db3e15059722db1d97b
Details	sha256	1	9cffbade290f88c34b8a5e2e551fd9ae035eeda9d49d0eb0fecec8e40ecf2e84
Details	sha256	1	16c3f8999141beee55afdb49670b9e44b4916816faeb643639a7ace81c13806a
Details	sha256	1	1d4ecd52ab85b7f5229f00ee10d438286e361d4c304000abca8b3dcbe1d7c720
Details	sha256	1	446d53cdc62a86025835e93938afeb9c1b24f28f2bade4980c01ac517b76c760
Details	IPv4	1	167.86.127.231
Details	IPv4	1	65.108.80.190
Details	Url	2	https://mas.to