VTPRACTITIONERS{ACRONIS}: Tracking FileFix, Shadow Vector, and SideWinder
ID: a23f27c5-ec7e-598d-869f-4d5698e4647d
STIX ID: report--a23f27c5-ec7e-598d-869f-4d5698e4647d
Feed Name: VirusTotal Blog
Acronis Threat Research Unit demonstrates practical VirusTotal-driven threat hunting across multiple active campaigns — FileFix (clipboard-based web payloads and steganographic stages), SideWinder (document-based targeted intrusions leveraging CVE-2017-0199/11882 against South Asia), and Shadow Vector (judicial-themed malicious SVGs targeting Colombia). The report details iterative Livehunt/YARA rule development, retrohunt and VT Diff usage, pivoting on metadata, hashes and domains, example IoCs and detection rules, and recommended hunting and defensive practices.
