DNS on fire
Common Information
Type Value
UUID 6f7f4afb-2a36-4fc3-a483-6797191e0ec0
Fingerprint e434e25b3e43f201b03a63251143fab6a0eccaebc03df6948860d56f75e57bd1
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 7, 2019, 9:58 a.m.
Added to db April 14, 2024, 2:05 a.m.
Last updated Aug. 31, 2024, 2:24 a.m.
Headline DNS on fire
Title DNS on fire
Detected Hints/Tags/Attributes 124/3/85
Attributes
Details Type #Events CTI Value
Details CVE 5
cve-2009-1151
Details CVE 57
cve-2014-6271
Details CVE 7
cve-2017-3881
Details CVE 5
cve-2017-6736
Details CVE 12
cve-2017-12617
Details CVE 12
cve-2018-0296
Details CVE 56
cve-2018-7600
Details CVE 20
cve-2014-7169
Details CVE 12
cve-2014-7186
Details CVE 12
cve-2014-7187
Details CVE 15
cve-2014-6277
Details Domain 247
www.virusbulletin.com
Details Domain 164
cisco.com
Details Domain 64
www.talosintelligence.com
Details Domain 5
hr-wipro.com
Details Domain 4
wipro.com
Details Domain 4
hr-suncor.com
Details Domain 4
suncor.com
Details Domain 1
ce36o.com
Details Domain 1
nance.gov.lb
Details Domain 3
adpvpn.adpolice.gov.ae
Details Domain 2
mail.mgov.ae
Details Domain 2
mail.apc.gov.ae
Details Domain 2
memail.mea.com.lb
Details Domain 1
netnod.se
Details Domain 3
ns1.intersecdns.com
Details Domain 3
ns2.intersecdns.com
Details Domain 2
ns1.lcjcomputing.com
Details Domain 2
ns2.lcjcomputing.com
Details Domain 2
ns1.rootdnservers.com
Details Domain 2
ns2.rootdnservers.com
Details Domain 2
rootdnservers.com
Details Domain 3
sa1.dnsnode.net
Details Domain 2
root-server.net
Details Domain 261
blog.talosintelligence.com
Details Domain 3
www.netnod.se
Details Domain 68
tools.ietf.org
Details Domain 21
www.iana.org
Details Domain 27
www.icann.org
Details Domain 2
root-servers.org
Details Domain 145
www.us-cert.gov
Details Domain 172
www.crowdstrike.com
Details Domain 641
nvd.nist.gov
Details Domain 1
www.cafax.se
Details Domain 768
www.youtube.com
Details Email 1
prascagn}@cisco.com
Details File 2
svshost_serv.doc
Details File 2
svshost_serv.exe
Details File 1
gure.txt
Details File 85
log.txt
Details File 816
index.html
Details File 2
adpvpn.adp
Details File 1
middle-east.html
Details File 5
seaturtle.html
Details File 2
swimming.html
Details File 2
system.pdf
Details File 17
home.html
Details IPv4 1
104.17.59.76
Details IPv4 4
185.20.184.138
Details IPv4 3
0.1.0.3
Details IPv4 4
100.105.114.0
Details IPv4 5
185.161.211.72
Details IPv4 6
185.20.187.8
Details Url 1
http://hr-suncor.com/suncor_
Details Url 3
http://ip/index.html?id=xx
Details Url 1
https://blog.talosintelligence.com/2018/11/dnspionage-campaign-targets-
Details Url 4
https://blog.talosintelligence
Details Url 2
https://blog.talosintelligence.com/2019/07/sea-turtle-keeps-on-
Details Url 1
https://www.netnod.se/news/statement-on-man-in-the-middle-attack-against-netnod.
Details Url 1
https://tools.ietf.org/html/rfc5730.
Details Url 1
https://www.iana.org/domains/root/servers.
Details Url 1
https://www.icann.org
Details Url 1
https://root-servers.org/news/20190314-rootops_statement_integrity_of_root_server_
Details Url 1
https://www.us-cert.gov/ncas/alerts/aa19-024a.
Details Url 3
https://www.crowdstrike.com/blog/widespread-dns-hijacking-activity-targets-
Details Url 1
https://nvd.nist.gov/vuln/detail/cve-2009-1151.
Details Url 1
https://nvd.nist.gov/vuln/detail/cve-2014-6271.
Details Url 2
https://www.us-cert.gov/ncas
Details Url 1
https://nvd.nist.gov/vuln/detail/cve-2017-3881.
Details Url 1
https://nvd.nist.gov/vuln/detail/cve-2017-6736.
Details Url 1
https://nvd.nist.gov/vuln/detail/cve-2017-12617.
Details Url 1
https://nvd.nist.gov/vuln/detail/cve-2018-0296.
Details Url 1
https://nvd.nist.gov/vuln/detail/cve-2018-7600.
Details Url 1
http://www.cafax.se/home.html
Details Url 1
https://www.youtube.com/watch?v=onf6te75mzg