Another malicious document with CVE-2017–11882
Tags
attack-pattern: Data Software - T1592.002
Common Information
Type Value
UUID 9c49a36e-74e4-4504-8422-0a30e16a393f
Fingerprint b1749902348c5687
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 3, 2019, 10:56 a.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Another malicious document with CVE-2017–11882
Title Another malicious document with CVE-2017–11882
Detected Hints/Tags/Attributes 14/1/21
Attributes
Details Type #Events CTI Value
Details CVE 375
cve-2017-11882
Details Domain 1
tradahacking.vn
Details Domain 5
skylineqaz.crabdance.com
Details Domain 3
ylineqaz-y25ja.crabdance.com
Details File 57
eqnedt32.exe
Details File 2
iassvcs.exe
Details File 104
sqlite3.dll
Details File 20
rastls.dll
Details File 1
189afe4.tmp
Details File 1
%appdata%\iiswebclient\iassvcs.exe
Details File 1
%appdata%\iiswebclient\sqlite3.dll
Details File 1
%appdata%\iiswebclient\rastls.dll
Details md5 1
62944E26B36B1DCACE429AE26BA66164
Details md5 1
FEE0B982AF421FF8C16C0187B376B086
Details md5 1
C6A73E29C770065B4911EF46285D6557
Details sha1 1
8d7425ae30fd2d5196ec4dcd2540b31a0d26772f
Details sha256 4
c580d77722d85238ed76689a17b0205b4d980c010bef9616b8611ffba21b142e
Details Url 1
https://tradahacking.vn/là-1937cn-hay-oceanlotus-hay-lazarus-6ca15fe1b241
Details Windows Registry Key 29
HKEY_CURRENT_USER\Software
Details Windows Registry Key 1
HKCU\Software\Microsoft\windows
Details Windows Registry Key 1
HKEY_CURRENT_USER\Software\Direct3D