ioc[.]one - OSINT Cyber Threat Intelligence Database

Kaspersky Word template

Show in Graph

Common Information

Type	Value
UUID	733b4aac-1bf2-4241-9289-d1c0c7deb342
Fingerprint	b7cf61434cb485baafd9c3205f64c0cc8f1fa2302f9405a16cd421e888f4973e
Analysis status	DONE
Considered CTI value	2
Text language
Published	Feb. 27, 2013, 5:07 p.m.
Added to db	Oct. 1, 2024, 2:27 p.m.
Last updated	Oct. 1, 2024, 3 p.m.
Headline	Kaspersky Word template
Title	Kaspersky Word template
Detected Hints/Tags/Attributes	112/3/85

Source URLs

	Redirection	Url
Details	Source	https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08083618/themysteryofthepdf0-dayassemblermicrobackdoor.pdf
Details	Source	https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/20134932/themysteryofthepdf0-dayassemblermicrobackdoor.pdf
Details	Source	https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2013/03/22110148/themysteryofthepdf0-dayassemblermicrobackdoor.pdf

URL Provider

Details	Provider	Source level domain
Details	kasperskycontenthub.com	media.kasperskycontenthub.com

Attributes

Details	Type	#Events	Value
Details	CVE	11	cve-2013-0640
Details	Domain	3	blog.fireeye.com
Details	Domain	4	blog.crysys.hu
Details	Domain	8	blog.seculert.com
Details	Domain	2	www.geoiptool.com
Details	Domain	1	tsoftonline.com
Details	Domain	80	www.adobe.com
Details	Domain	1	arabooks.ch
Details	Domain	1	artas.org
Details	Domain	1	www.eamtm.com
Details	Domain	2	news.grouptumbler.com
Details	Domain	122	www.kaspersky.com
Details	File	1	beast.html
Details	File	63	report.html
Details	File	1	tukey.pdf
Details	File	1	action_plan.pdf
Details	File	3	asem_seminar.pdf
Details	File	1	euag_report.pdf
Details	File	29	report.pdf
Details	File	3	association.pdf
Details	File	2	turkey.pdf
Details	File	3	apispy32.exe
Details	File	5	apimonitor.exe
Details	File	3	winapioverride32.exe
Details	File	74	procmon.exe
Details	File	29	filemon.exe
Details	File	22	regmon.exe
Details	File	3	winspy.exe
Details	File	71	wireshark.exe
Details	File	30	dumpcap.exe
Details	File	22	tcpdump.exe
Details	File	29	tcpview.exe
Details	File	22	windump.exe
Details	File	3	netsniffer.exe
Details	File	4	iris.exe
Details	File	2	comview.exe
Details	File	40	ollydbg.exe
Details	File	35	windbg.exe
Details	File	2	odb.exe
Details	File	11	immunitydebugger.exe
Details	File	3	syser.exe
Details	File	11	idag.exe
Details	File	3	idag64.exe
Details	File	14	petools.exe
Details	File	44	vboxtray.exe
Details	File	42	vboxservice.exe
Details	File	64	procexp.exe
Details	File	8	vmtools.exe
Details	File	28	vmwaretray.exe
Details	File	30	vmwareuser.exe
Details	File	2	stat.bin
Details	File	1206	index.php
Details	File	29	www.geo
Details	File	1	xml.dat
Details	File	1	number+.gif
Details	File	1	1109821546.gif
Details	File	13	feed.php
Details	File	1	apsb13-07.html
Details	File	27	exploit.js
Details	File	1	in-turn-its-pdf-time.html
Details	md5	3	3668b018b4bb080d1875aee346e3650a
Details	md5	3	88292d7181514fda5390292d73da28d4
Details	md5	3	3f301758aa3d5d123a9ddbad1890853b
Details	md5	3	0cdf55626e56ffbf1b198beb4f6ed559
Details	md5	3	cf5a5239ada9b43592757c0d7bf66169
Details	md5	3	c03bcb0cde62b3f45b4d772ab635e2b0
Details	md5	4	1e1b0d16a16cf5c7f3a7c053ce78f515
Details	md5	1	53db085a276ebbf5798ba756cac833ea
Details	md5	2	6bc34809e44c40b61dd29e0a387ee682
Details	IPv4	1441	127.0.0.1
Details	IPv4	1	194.38.160.153
Details	IPv4	1	95.128.72.24
Details	IPv4	1	72.34.47.186
Details	IPv4	1	188.40.99.143
Details	IPv4	2	200.63.46.23
Details	IPv4	1	85.95.236.114
Details	Pdb	1	c:\src\dlldropper\release\l2p.pdb
Details	Pdb	1	c:\src\hellodll\release\hellodll.pdb
Details	Url	1	http://blog.fireeye.com/research/2013/02/the-number-of-the-
Details	Url	3	http://blog.crysys.hu/2013/02/miniduke
Details	Url	1	http://blog.seculert.com/2013/02/spear-phishing-with-mandiant-apt-
Details	Url	1	http://tsoftonline.com/views/img/1109821546.gif
Details	Url	1	https://www.adobe.com/support/security/bulletins/apsb13-07.html
Details	Url	1	http://blog.fireeye.com/research/2013/02/in-turn-its-pdf-time.html
Details	Url	1	http://www.kaspersky.com/about/press/duqu