Pulse Detail — Threat Intelligence

PULSE NAME

ThreatFox Hunt: Vidar IOCs - 2026-02-14

WHITE pduggusa 2026-02-14 Modified: 2026-03-16

IOCs

MEDIUM VOLUME

Automated ThreatFox hunt for Vidar indicators. 51 IOCs collected via Pattern 49 intelligence streaming. MITRE ATT&CK: T1555.003, T1539, T1005, T1041. Reference: https://analytics.dugganusa.com

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1555.003 T1539 T1005 T1041

MALWARE FAMILIES

Vidar

Indicators of Compromise (41)

All URL hostname domain

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	https://gts.emiraride.com/	Vidar botnet_cc - ThreatFox ID: 1746479	2026-02-14
URL	https://gts.megaexdistribuidora.com.br/	Vidar botnet_cc - ThreatFox ID: 1746480	2026-02-14
URL	https://mtg.emiraride.com/	Vidar botnet_cc - ThreatFox ID: 1746481	2026-02-14
URL	https://mtg.megaexdistribuidora.com.br/	Vidar botnet_cc - ThreatFox ID: 1746482	2026-02-14
URL	https://89.167.68.164/	Vidar botnet_cc - ThreatFox ID: 1746483	2026-02-14
URL	https://65.109.252.105/	Vidar botnet_cc - ThreatFox ID: 1746484	2026-02-14
URL	https://65.109.245.121/	Vidar botnet_cc - ThreatFox ID: 1746485	2026-02-14
URL	https://65.21.182.91/	Vidar botnet_cc - ThreatFox ID: 1746486	2026-02-14
URL	https://77.42.49.62/	Vidar botnet_cc - ThreatFox ID: 1746487	2026-02-14
URL	https://89.167.8.65/	Vidar botnet_cc - ThreatFox ID: 1746488	2026-02-14
URL	https://65.109.254.225/	Vidar botnet_cc - ThreatFox ID: 1746489	2026-02-14
hostname	mtg.emiraride.com	Vidar botnet_cc - ThreatFox ID: 1746490	2026-02-14
hostname	mtg.megaexdistribuidora.com.br	Vidar botnet_cc - ThreatFox ID: 1746491	2026-02-14
hostname	gts.emiraride.com	Vidar botnet_cc - ThreatFox ID: 1746492	2026-02-14
hostname	gts.megaexdistribuidora.com.br	Vidar botnet_cc - ThreatFox ID: 1746493	2026-02-14
URL	https://zor.emiraride.com/	Vidar botnet_cc - ThreatFox ID: 1746868	2026-02-14
URL	https://zor.megaexdistribuidora.com.br/	Vidar botnet_cc - ThreatFox ID: 1746869	2026-02-14
hostname	zor.emiraride.com	Vidar botnet_cc - ThreatFox ID: 1746870	2026-02-14
hostname	zor.megaexdistribuidora.com.br	Vidar botnet_cc - ThreatFox ID: 1746871	2026-02-14
domain	gardenscup.com	Vidar payload_delivery - ThreatFox ID: 1746935	2026-02-14
URL	https://mzg.emiraride.com/	Vidar botnet_cc - ThreatFox ID: 1746937	2026-02-14
URL	https://mzg.megaexdistribuidora.com.br/	Vidar botnet_cc - ThreatFox ID: 1746938	2026-02-14
hostname	mzg.emiraride.com	Vidar botnet_cc - ThreatFox ID: 1746939	2026-02-14
hostname	mzg.megaexdistribuidora.com.br	Vidar botnet_cc - ThreatFox ID: 1746940	2026-02-14
URL	https://huu.emiraride.com/	Vidar botnet_cc - ThreatFox ID: 1747444	2026-02-14
URL	https://huu.megaexdistribuidora.com.br/	Vidar botnet_cc - ThreatFox ID: 1747445	2026-02-14
URL	https://46.224.11.92/	Vidar botnet_cc - ThreatFox ID: 1747446	2026-02-14
URL	https://151.247.22.188/	Vidar botnet_cc - ThreatFox ID: 1747447	2026-02-14
URL	https://151.247.22.211/	Vidar botnet_cc - ThreatFox ID: 1747448	2026-02-14
URL	https://46.225.137.109/	Vidar botnet_cc - ThreatFox ID: 1747449	2026-02-14
URL	https://151.247.22.212/	Vidar botnet_cc - ThreatFox ID: 1747450	2026-02-14
hostname	huu.emiraride.com	Vidar botnet_cc - ThreatFox ID: 1747451	2026-02-14
hostname	huu.megaexdistribuidora.com.br	Vidar botnet_cc - ThreatFox ID: 1747452	2026-02-14
URL	https://pst.emiraride.com/	Vidar botnet_cc - ThreatFox ID: 1747477	2026-02-14
URL	https://pst.megaexdistribuidora.com.br/	Vidar botnet_cc - ThreatFox ID: 1747478	2026-02-14
hostname	pst.emiraride.com	Vidar botnet_cc - ThreatFox ID: 1747479	2026-02-14
hostname	pst.megaexdistribuidora.com.br	Vidar botnet_cc - ThreatFox ID: 1747480	2026-02-14
URL	https://gor.emiraride.com/	Vidar botnet_cc - ThreatFox ID: 1747538	2026-02-14
URL	https://gor.megaexdistribuidora.com.br/	Vidar botnet_cc - ThreatFox ID: 1747539	2026-02-14
hostname	gor.emiraride.com	Vidar botnet_cc - ThreatFox ID: 1747540	2026-02-14
hostname	gor.megaexdistribuidora.com.br	Vidar botnet_cc - ThreatFox ID: 1747541	2026-02-14

References (2)

↗ https://analytics.dugganusa.com/api/v1/stix-feed/v2 ↗ https://threatfox.abuse.ch