An (un)documented Word feature abused by attackers
Tags
attack-pattern: Data Exploits - T1587.004 Exploits - T1588.005 Malicious Link - T1204.001 Software - T1592.002 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID 7ce49ec4-6935-4b71-a244-06331e4ce219
Fingerprint 221e10136ca4ff66
Analysis status DONE
Considered CTI value 1
Text language
Published Sept. 18, 2017, 9 a.m.
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Nov. 6, 2024, 6:24 a.m.
Headline An (un)documented Word feature abused by attackers
Title An (un)documented Word feature abused by attackers
Detected Hints/Tags/Attributes 32/1/9
Source URLs
Redirection Url
Details Source https://securelist.com/an-undocumented-word-feature-abused-by-attackers/81899
Details Source https://securelist.com/an-undocumented-word-feature-abused-by-attackers/81899/
URL Provider
Details Provider Source level domain
Details securelist.com securelist.com
Attributes
Details Type #Events CTI Value
Details CVE 1 
cve-2002-1143
Details Domain 1 
evil-333.com
Details Domain 29 
www.cvedetails.com
Details Domain 114 
tools.cisco.com
Details File 1 
ccccccccc.php
Details IPv4 1 
2.16.5.33
Details Url 1 
http://evil-333.com/cccccccccccc/ccccccccc/ccccccccc.php?cccccccccc
Details Url 1 
http://www.cvedetails.com/cve/cve-2002-1143
Details Url 1 
https://tools.cisco.com/security/center/viewalert.x?alertid=4683