ioc[.]one - OSINT Cyber Threat Intelligence Database

Vidar Malware Pushed Through Sites Impersonating AnyDesk

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	d6222eea-7919-4134-a9aa-3dd70f7ce8d5
Fingerprint	c2a43d51b39b0768
Analysis status	DONE
Considered CTI value	0
Text language
Published	Jan. 11, 2023, 12:29 p.m.
Added to db	Jan. 11, 2023, 1:43 p.m.
Last updated	Sept. 2, 2024, 2:39 a.m.
Headline	Vidar Malware Pushed Through Sites Impersonating AnyDesk
Title	Vidar Malware Pushed Through Sites Impersonating AnyDesk
Detected Hints/Tags/Attributes	31/2/3

Source URLs

	Redirection	Url
Details	Source	https://heimdalsecurity.com/blog/vidar-malware-impersonating-anydesk/

URL Provider

Details	Provider	Source level domain
Details	heimdalsecurity.com	heimdalsecurity.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	163	✔	—	https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		anydeskdownload.zip
Details	File	1		anydeskdownload.zip
Details	IPv4	2		185.149.120.9