ioc[.]one - OSINT Cyber Threat Intelligence Database

May 17 CVE-2010-2883 PDF Bin Laden's successor from spoofed Nationalpost.com

Tags

country:	Canada China Hong Kong Thailand Singapore United States Of America
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Connection Proxy - T1090 Denial Of Service

Show in Graph

Common Information

Type	Value
UUID	4be52e1d-4acf-47de-9e92-8f0c0d810e5e
Fingerprint	75bc6c92ddba2cd2
Analysis status	DONE
Considered CTI value	2
Text language
Published	May 31, 2011, 8:24 a.m.
Added to db	Jan. 18, 2023, 7:45 p.m.
Last updated	Nov. 17, 2024, 6:50 p.m.
Headline	UNKNOWN
Title	May 17 CVE-2010-2883 PDF Bin Laden's successor from spoofed Nationalpost.com
Detected Hints/Tags/Attributes	63/2/60

Source URLs

	Redirection	Url
Details	Source	http://contagiodump.blogspot.com/2011/05/may-17-cve-2010-2883-pdf-bin-ladens.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	contagiodump.blogspot.com

Attributes

Details	Type	#Events	Value
Details	CVE	38	cve-2010-2883
Details	CVE	13	cve-2010-3654
Details	CVE	43	cve-2009-4324
Details	CVE	26	cve-2009-0927
Details	CVE	11	cve-2008-0655
Details	CVE	79	cve-2010-3333
Details	Domain	1	nationalpost.com
Details	Domain	1	pccwglobal.com
Details	Domain	1	goto.canada.com
Details	Domain	1	postmedia.com
Details	Domain	1	www.offlinewebpage.com
Details	Domain	1	live-facebook.com
Details	Domain	1	live-msn.net
Details	Domain	1	offlinewebpage.com
Details	Domain	85	163.com
Details	Domain	2	dns1.51.net
Details	Domain	2	dns2.51.net
Details	Domain	1	msn.offlinewebpage.com
Details	Email	1	gpeter@nationalpost.com
Details	Email	1	cdownes@pccwglobal.com
Details	Email	1	usnoc@pccwglobal.com
Details	Email	1	abuse.ops@pccwglobal.com
Details	Email	1	webnames@postmedia.com
Details	File	12	cooltype.dll
Details	File	1	successor.pdf
Details	File	1	journals.pl
Details	File	63	report.html
Details	File	6	script.pdf
Details	File	37	exploit.pdf
Details	File	2	c:\documents and settings\mila\local settings\application data\windows\userinit.dll
Details	File	2	c:\documents and settings\mila\local settings\application data\windows\userinit.exe
Details	File	2	c:\documents and settings\mila\start menu\programs\startup\userinit.exe
Details	File	2	c:\documents and settings\all users\application data\desktop.bin
Details	File	50	userinit.exe
Details	File	2	desktop.bin
Details	File	1	qduxwfnfozvsrtkjprepggxrpnrvyst.htm
Details	md5	1	8E633588B3EE59DE09FE126D99869D2D
Details	md5	1	8e633588b3ee59de09fe126d99869d2d
Details	md5	1	5D4877E3603149372CA210A8D2B60492
Details	md5	1	4353E469D8B4A7BAE876C81D3CAAA0D1
Details	sha256	1	d9493b6243a0378859610748590de21dc4df36c287197fde13c507d3895f8be6
Details	IPv4	1	63.221.138.44
Details	IPv4	1	63.221.138.4
Details	IPv4	1	63.216.0.0
Details	IPv4	1	63.223.255.255
Details	IPv4	1	199.71.40.135
Details	IPv4	1	7.11.8.205
Details	IPv4	41	2.0.3.7
Details	IPv4	12	0.97.0.0
Details	IPv4	17	5.3.2.6
Details	IPv4	16	4.6.2.117
Details	IPv4	10	3.1.1.104
Details	IPv4	1	58.68.224.22
Details	IPv4	2	118.144.82.171
Details	IPv4	2	118.145.1.7
Details	IPv4	1441	127.0.0.1
Details	IPv4	1	114.248.80.32
Details	IPv4	1	114.240.0.0
Details	IPv4	2	114.255.255.255
Details	Url	1	http://www.virustotal.com/file-scan/report.html?id=d9493b6243a0378859610748590de21dc4df36c287197fde13c507d3895f8be6