Sep 15 CVE-2010-2883 Adobe 0-Day PDF US Government Programs to Pay Medical Expenses from rodney.cadataa@gmail.com
Tags
| country: | China United States Of America |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Connection Proxy - T1090 Rootkit - T1014 Rootkit |
Common Information
| Type | Value |
|---|---|
| UUID | 8681bf2c-7b25-49f8-bef1-d6e3e1bd5bbf |
| Fingerprint | b4228553e7320db0 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 16, 2010, 1:26 p.m. |
| Added to db | Jan. 18, 2023, 7:45 p.m. |
| Last updated | Nov. 17, 2024, 11:36 p.m. |
| Headline | UNKNOWN |
| Title | Sep 15 CVE-2010-2883 Adobe 0-Day PDF US Government Programs to Pay Medical Expenses from rodney.cadataa@gmail.com |
| Detected Hints/Tags/Attributes | 53/3/58 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 38 | cve-2010-2883 |
|
| Details | Domain | 1175 | gmail.com |
|
| Details | Domain | 19 | vnd.ms |
|
| Details | Domain | 1 | www.mysundayparty.com |
|
| Details | Domain | 46 | www.yahoo.com |
|
| Details | Domain | 4 | mysundayparty.com |
|
| Details | Domain | 54 | godaddy.com |
|
| Details | Domain | 14 | www.godaddy.com |
|
| Details | Domain | 287 | yahoo.com |
|
| Details | Domain | 3 | ns09.domaincontrol.com |
|
| Details | Domain | 3 | ns10.domaincontrol.com |
|
| Details | Domain | 22 | anubis.iseclab.org |
|
| Details | 2 | rodney.cadataa@gmail.com |
||
| Details | 1 | g.debbei_x@yahoo.com |
||
| Details | File | 2 | programs.pdf |
|
| Details | File | 63 | report.html |
|
| Details | File | 37 | exploit.pdf |
|
| Details | File | 16 | behaveslike.pdf |
|
| Details | File | 10 | clip.exe |
|
| Details | File | 1 | eparty.dll |
|
| Details | File | 1 | eparty.exe |
|
| Details | File | 146 | wininet.dll |
|
| Details | File | 2 | serverdll.dll |
|
| Details | File | 1 | pdeparty.tmp |
|
| Details | File | 1 | gdeparty.tmp |
|
| Details | File | 1 | peparty.tmp |
|
| Details | File | 1 | geparty.tmp |
|
| Details | File | 7 | kys_allow_get.asp |
|
| Details | File | 199 | firefox.exe |
|
| Details | File | 173 | outlook.exe |
|
| Details | File | 263 | iexplore.exe |
|
| Details | File | 3 | kys_allow_put.asp |
|
| Details | File | 32 | prefs.js |
|
| Details | File | 3 | win32.cs |
|
| Details | md5 | 1 | 32dbd816b0b08878bd332eee299bbec4 |
|
| Details | md5 | 1 | 0ade988a4302a207926305618b4dad01 |
|
| Details | md5 | 1 | 68f5a1faff35ad1ecaa1654b288f6cd9 |
|
| Details | sha256 | 1 | 152a18a1f684c00ef4f5d80d2a158a3e84929affe72258d1b2efcad63989cbf3 |
|
| Details | sha256 | 1 | cf656854e07999b89e1e751f0865a22c88e18b60019937eb99f95709b06d169c |
|
| Details | IPv4 | 1 | 10.224.61.12 |
|
| Details | IPv4 | 1 | 10.229.213.18 |
|
| Details | IPv4 | 59 | 7.0.0.125 |
|
| Details | IPv4 | 26 | 10.0.2.7 |
|
| Details | IPv4 | 39 | 7.0.3.5 |
|
| Details | IPv4 | 9 | 101.1.1.7 |
|
| Details | IPv4 | 4 | 1.9.0.7 |
|
| Details | IPv4 | 5 | 68.178.232.100 |
|
| Details | IPv4 | 1 | 8.2.4.52 |
|
| Details | IPv4 | 28 | 5.2.0.5 |
|
| Details | IPv4 | 8 | 4.6.1.107 |
|
| Details | IPv4 | 4 | 3.12.14.0 |
|
| Details | Url | 1 | http://www.virustotal.com/file-scan/report.html?id=152a18a1f684c00ef4f5d80d2a158a3e84929affe72258d1b2efcad63989cbf3 |
|
| Details | Url | 8 | http://www.yahoo.com |
|
| Details | Url | 1 | https://www.mysundayparty.com/asp/kys_allow_get.asp?name=getkys.kys |
|
| Details | Url | 1 | https://www.mysundayparty.com/asp/kys_allow_get.asp?name= |
|
| Details | Url | 5 | http://www.godaddy.com |
|
| Details | Url | 1 | http://anubis.iseclab.org/?action=result&task_id=168dda0c90f205044514f313c5920ae89&format=html |
|
| Details | Url | 1 | http://www.virustotal.com/file-scan/report.html?id=cf656854e07999b89e1e751f0865a22c88e18b60019937eb99f95709b06d169c |