ioc[.]one - OSINT Cyber Threat Intelligence Database

Jul 28 CVE-2009-4324 PDF 990729 Summary of Network Intelligence from ljw@gsn.gov.tw 210.69.115.235

Tags

country:	Taiwan
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Server - T1583.004 Server - T1584.004 Rootkit - T1014 Rootkit

Show in Graph

Common Information

Type	Value
UUID	6c60a69e-8db9-493d-a16c-c93f2b15225c
Fingerprint	b5b0277b46c42482
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 28, 2010, 12:01 a.m.
Added to db	Jan. 18, 2023, 7:45 p.m.
Last updated	Nov. 15, 2024, 12:49 a.m.
Headline	UNKNOWN
Title	Jul 28 CVE-2009-4324 PDF 990729 Summary of Network Intelligence from ljw@gsn.gov.tw 210.69.115.235
Detected Hints/Tags/Attributes	43/3/54

Source URLs

	Redirection	Url
Details	Source	http://contagiodump.blogspot.com/2010/08/jul-28-cve-2009-4324-pdf-990729-romance.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	contagiodump.blogspot.com

Attributes

Details	Type	#Events	Value
Details	CVE	43	cve-2009-4324
Details	CVE	19	cve-2010-1297
Details	Domain	1	gsn.gov.tw
Details	Domain	23	doc.media
Details	Domain	9	yahoo.com.tw
Details	Domain	287	yahoo.com
Details	Domain	1	mail2000.tccg.gov.tw
Details	Domain	1	ymu054-189.ym.edu.tw
Details	Domain	2	oltnsck.dnsrd.com
Details	Domain	14	www.robtex.com
Details	Domain	1	dnsrd.com
Details	Domain	2	ymu034-094.ym.edu.tw
Details	Domain	4	changeip.org
Details	Domain	3	ns3.changeip.org
Details	Domain	8	changeip.com
Details	Email	1	ljw@gsn.gov.tw
Details	Email	1	agefr6nt@yahoo.com.tw
Details	Email	1	agefr6nt@yahoo.com.twsubject
Details	File	1	-990729.pdf
Details	File	63	report.html
Details	File	37	exploit.pdf
Details	File	16	behaveslike.pdf
Details	File	1	jqc.exe
Details	File	33	1.pdf
Details	File	3	packed.asp
Details	File	1	aws7838.jsp
Details	File	16	com.html
Details	md5	2	738af108a6edd46536492b1782589a04
Details	md5	1	d27e5643f1e5422be6cba2d98506ebbf
Details	sha256	1	c1d9cd02799bbb45aa6a37a16f2da1dca86f55e474b0a33e0034232c176b5f99
Details	sha256	1	26a0711f9cb1dc0d53e524ed9b90f3356c8e5c4c4b6da942d8371662e800fcd5
Details	sha256	1	7224943665fb630f371aeef1f8d6402ce4e53150c1fd8ff044977c659b514fdd
Details	IPv4	1	210.69.115.235
Details	IPv4	1	192.168.4.154
Details	IPv4	28	5.2.0.5
Details	IPv4	8	4.6.1.107
Details	IPv4	1	8.2.4.38
Details	IPv4	4	0.96.2.0
Details	IPv4	4	5.0.0.37
Details	IPv4	3	4.1.143.0
Details	IPv4	6	3.1.1.88
Details	IPv4	26	10.0.2.7
Details	IPv4	39	7.0.3.5
Details	IPv4	9	101.1.1.7
Details	IPv4	4	3.12.14.0
Details	IPv4	10	5.0.27.0
Details	IPv4	1	120.126.54.189
Details	IPv4	2	120.126.34.94
Details	IPv4	3	204.16.173.30
Details	IPv4	1	140.112.155.252
Details	Url	1	http://www.virustotal.com/file-scan/report.html?id=c1d9cd02799bbb45aa6a37a16f2da1dca86f55e474b0a33e0034232c176b5f99
Details	Url	1	http://www.virustotal.com/file-scan/report.html?id=26a0711f9cb1dc0d53e524ed9b90f3356c8e5c4c4b6da942d8371662e800fcd5
Details	Url	1	http://www.virustotal.com/file-scan/report.html?id=7224943665fb630f371aeef1f8d6402ce4e53150c1fd8ff044977c659b514fdd
Details	Url	1	http://www.robtex.com/dns/oltnsck.dnsrd.com.html