ioc[.]one - OSINT Cyber Threat Intelligence Database

AridViper Windows Malware Threat Intel Advisory | Threat Intelligence | CloudSEK

Tags

cmtmf-attack-pattern:	Data Encrypted Masquerade As Legitimate Application Native Code Suppress Application Icon
country:	Chad
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Access Call Log - T1433 Access Contact List - T1432 Access Notifications - T1517 Exfiltration Over Other Network Medium - T1438 Broadcast Receivers - T1402 Software Discovery - T1418 Application Layer Protocol - T1437 Archive Collected Data - T1532 Audio Capture - T1429 Broadcast Receivers - T1624.001 Capture Sms Messages - T1412 Credentials - T1589.001 Data From Local System - T1533 Deliver Malicious App Via Other Means - T1476 File And Directory Discovery - T1420 Ingress Tool Transfer - T1544 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Masquerade As Legitimate Application - T1444 System Information Discovery - T1426 Native Api - T1575 Phishing - T1660 Phishing - T1566 Python - T1059.006 Screen Capture - T1513 Suppress Application Icon - T1628.001 Suppress Application Icon - T1508 Video Capture - T1512 Standard Application Layer Protocol - T1071 Data Encrypted - T1022 Data From Local System - T1005 File And Directory Discovery - T1083 Remote File Copy - T1105 Screen Capture - T1113 System Information Discovery - T1082 Remote File Copy Screen Capture Standard Application Layer Protocol Wipe Device Data - Mob-T1050

Show in Graph

Common Information

Type	Value
UUID	ebb50162-14a9-4efd-b001-21d8f0964cd0
Fingerprint	852d0d43c7bbad83
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 24, 2020, midnight
Added to db	Aug. 31, 2024, 2:11 a.m.
Last updated	Nov. 7, 2024, 2:09 a.m.
Headline	AridViper Windows Malware Threat Intel Advisory
Title	AridViper Windows Malware Threat Intel Advisory \| Threat Intelligence \| CloudSEK
Detected Hints/Tags/Attributes	73/4/78

Source URLs

	Redirection	Url
Details	Source	https://www.cloudsek.com/threatintelligence/aridviper-windows-malware-threat-intel-advisory

URL Provider

Details	Provider	Source level domain
Details	cloudsek.com	www.cloudsek.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	89	✔	CloudSEK Threat Intelligence	https://cloudsek.com/threatintelligence/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	baldwin-gonzalez.live
Details	Domain	2	benyallen.club
Details	Domain	3	chad-jessie.info
Details	Domain	4	escanor.live
Details	Domain	3	jaime-martinez.info
Details	Domain	4	judystevenson.info
Details	Domain	4	krasil-anthony.icu
Details	Domain	6	nicoledotson.icu
Details	Domain	1	robert-keegan.life
Details	Domain	1	samwinchester.club
Details	Domain	1	tatsumifoughtogre.club
Details	File	1	chad-jessie.inf
Details	File	1	jaime-martinez.inf
Details	File	1	judystevenson.inf
Details	md5	1	e098135ca0b3bdfdd8465312c378e4e2
Details	md5	3	835f86e1e83a3da25c715e89db5355cc
Details	md5	2	6e2d058c3508694a392194dbb6e9fe44
Details	md5	2	e35d13bd8f04853e69ded48cf59827ef
Details	md5	3	ae0b53e6b378bf74e1dd2973d604be55
Details	md5	1	533b1aea016aacf4afacfe9a8510b168
Details	md5	1	bbf630ca23976ddf8a561ccdb477c73d
Details	md5	1	315c2dbe40bc2dc62cd58872744d1f0c
Details	md5	3	89e9823013f711d384824d8461cc425d
Details	md5	3	f5bac4d2de2eb1f8007f68c77bfa460e
Details	md5	2	4d9b6b0e7670dd5919b188cb71d478c0
Details	md5	2	7ea20c7c999bbd59e9b90309c0afa972
Details	md5	2	f93faca357f9a8041a377ca913888565
Details	md5	1	cf24ddd2bfd6ea9b362722baff36cc21
Details	md5	3	9d76d59de0ee91add92c938e3335f27f
Details	md5	2	94a5e595be051b9250e678de1ff927ac
Details	md5	2	c7d7ee62e093c84b51d595f4dc56eab1
Details	md5	3	c27f925a7c424c0f5125a681a9c44607
Details	sha256	1	078212fc6d69641e96ed04352fba4d028fd5eadc87c7a4169bfbcfc52b8ef8f2
Details	sha256	1	0d65b9671e51baf64e1389649c94f2a9c33547bfe1f5411e12c16ae2f2f463dd
Details	sha256	1	11487246a864ee0edf2c05c5f1489558632fb05536d6a599558853640df8cd78
Details	sha256	1	2115d02ead5e497ce5a52ab9b17f0e007a671b3cd95aa55554af17d9a30de37c
Details	sha256	1	26253e9027f798bafc4a70bef1b5062f096a72b0d7af3065b0f4a9b3be937c99
Details	sha256	1	3884ac554dcd58c871a4e55900f8847c9e308a79c321ae46ced58daa00d82ab4
Details	sha256	1	3c8979740d2f634ff2c0c0ab7adb78fe69d6d42307118d0bb934f03974deddac
Details	sha256	1	3da95f33b6feb5dcc86d15e2a31e211e031efa2e96792ce9c459b6b769ffd6a4
Details	sha256	1	42fa99e574b8ac5eddf084a37ef891ee4d16742ace9037cda3cdf037678e7512
Details	sha256	1	46dae9b27f100703acf5b9fda2d1b063cca2af0d4abeeccc6cd45d12be919531
Details	sha256	1	47d53f4ab24632bf4ca34e9a10e11b4b6c48a242cbcfcb1579d67523463e59d2
Details	sha256	1	4eced949a2da569ee9c4e536283dabad49e2f41371b6e8d40b80a79ec1b0e986
Details	sha256	1	5b8b71d1140beaae4736eb58adc64930613ebeab997506fbb09aabff68242e17
Details	sha256	1	82ad34384fd3b37f85e735a849b033326d8ce907155f5ff2d24318b1616b2950
Details	sha256	1	83e0db0fa3feaf911a18c1e2076cc40ba17a185e61623a9759991deeca551d8b
Details	sha256	1	a60cadbf6f5ef8a2cbb699b6d7f072245c8b697bbad5c8639bca9bb55f57ae65
Details	sha256	1	b0562b41552a2fa744390a5f79a843940dade57fcf90cd23187d9c757dc32c37
Details	sha256	2	b61fa79c6e8bfcb96f6e2ed4057f5a835a299e9e13e4c6893c3c3309e31cad44
Details	sha256	1	d28ab0b04dc32f1924f1e50a5cf864325c901e11828200629687cca8ce6b2d5a
Details	sha256	1	db1c2482063299ba5b1d5001a4e69e59f6cc91b64d24135c296ec194b2cab57a
Details	sha256	1	ddaeffb12a944a5f4d47b28affe97c1bc3a613dab32e5b5b426ef249cfc29273
Details	sha256	1	e869c7f981256ddb7aa1c187a081c46fed541722fa5668a7d90ff8d6b81c1db6
Details	sha256	1	eab20d4c0eeff48e7e1b6b59d79cd169cac277aeb5f91f462f838fcd6835e0ac
Details	sha256	1	eda6d901c7d94cbd1c827dfa7c518685b611de85f4708a6701fcbf1a3f101768
Details	MITRE ATT&CK Techniques	17	T1444
Details	MITRE ATT&CK Techniques	13	T1476
Details	MITRE ATT&CK Techniques	14	T1575
Details	MITRE ATT&CK Techniques	16	T1402
Details	MITRE ATT&CK Techniques	6	T1508
Details	MITRE ATT&CK Techniques	23	T1418
Details	MITRE ATT&CK Techniques	16	T1420
Details	MITRE ATT&CK Techniques	25	T1426
Details	MITRE ATT&CK Techniques	9	T1433
Details	MITRE ATT&CK Techniques	11	T1432
Details	MITRE ATT&CK Techniques	12	T1517
Details	MITRE ATT&CK Techniques	22	T1429
Details	MITRE ATT&CK Techniques	10	T1512
Details	MITRE ATT&CK Techniques	14	T1412
Details	MITRE ATT&CK Techniques	19	T1533
Details	MITRE ATT&CK Techniques	16	T1513
Details	MITRE ATT&CK Techniques	3	T1438
Details	MITRE ATT&CK Techniques	13	T1437
Details	MITRE ATT&CK Techniques	3	T1544
Details	MITRE ATT&CK Techniques	10	T1532
Details	MITRE ATT&CK Techniques	7	T1447
Details	Threat Actor Identifier - APT-C	79	APT-C-23