PULSE NAME
Winter Vivern | Uncovering a Wave of Global Espionage - SentinelOne
WHITE Winter Vivern CyberHunter_NL 2023-03-16 Modified: 2023-04-15
25 IOCs, MEDIUM VOLUME
The Winter Vivern Advanced Persistent Threat (APT) is a pro-Russian cyber-espionage group that targets government organizations and private businesses, including those involved in the ongoing war in Ukraine.
Indicators of Compromise (25)