PULSE NAME
Winter Vivern summer campaign
WHITE Wintervivern AlienVault 2021-09-28 Modified: 2021-09-28
33 IOCs (MEDIUM VOLUME)
In July 2021, researchers found a currently active infection campaign attributed to a group referred to as Wintervivern, after a report published by the DomainTools research team.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
SharpShooter
Indicators of Compromise (6 / 33 total)