PULSE NAME
ThreatFox Hunt: Vidar IOCs - 2026-01-30
WHITE pduggusa 2026-01-30 Modified: 2026-03-01
22 IOCs, MEDIUM VOLUME
Automated ThreatFox hunt for Vidar indicators. 28 IOCs collected via Pattern 49 intelligence streaming. MITRE ATT&CK: T1555.003, T1539, T1005, T1041. Reference: https://analytics.dugganusa.com
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Vidar
Indicators of Compromise (22)