IOC Radar
TLP:WHITE
1 IOC

OnionDrop Loader Uses Nation-State-Grade Evasion to Deliver LegionLoader, CGrabber, and Vidar

Cyber Press
Published June 16, 2026

Malware Families

Diamond Model

Adversary: unknown
Infrastructure (1): gainmsg.com
Capability (1): Vidar
Victim: unknown

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise


Type: Domain
Indicator: gainmsg.com
  anonymizationc2intel-blog
Confidence: High
Score: 58
First Seen: Jun 17, 26

IOC Relationship Graph

[Graph: 1 total IOCs. Nodes: Domain (1), Malware (1). Report "OnionDrop Loader Uses Nati" linked to Vidar.]