May 31 CVE-2010-3333 DOC Q and A.doc compromised louisvilleheartsurgery.com w Trojan Taidoor
Common Information
Type Value
UUID 3890ab57-02e2-4a31-b4aa-41c83921e64f
Fingerprint 56d0915ab004bdc6
Analysis status DONE
Considered CTI value 2
Text language
Published June 13, 2011, 6:36 p.m.
Added to db Jan. 18, 2023, 7:45 p.m.
Last updated Nov. 18, 2024, 3:36 a.m.
Headline UNKNOWN
Title May 31 CVE-2010-3333 DOC Q and A.doc compromised louisvilleheartsurgery.com w Trojan Taidoor
Detected Hints/Tags/Attributes 100/3/222
Attributes
Details Type #Events CTI Value
Details CVE 79
cve-2010-3333