Extracting a 19 Year Old Code Execution from WinRAR - Check Point Research
Tags
attack-pattern: Data Manual Modification File Deletion - T1070.004 File Deletion - T1630.002 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 File Deletion - T1107
Show in Graph
Common Information
Type Value
UUID b1c1a6e2-2a76-497b-8e70-71d8a58f0963
Fingerprint 6282025b6b27d9a5
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 20, 2019, 2 p.m.
Added to db Feb. 18, 2023, 1:02 a.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Headline Extracting a 19 Year Old Code Execution from WinRAR
Title Extracting a 19 Year Old Code Execution from WinRAR - Check Point Research
Detected Hints/Tags/Attributes 57/1/15
Source URLs
Redirection Url
Details Source https://research.checkpoint.com/2019/extracting-code-execution-from-winrar/
Details Source https://research.checkpoint.com/extracting-code-execution-from-winrar/
URL Provider
Details Provider Source level domain
Details checkpoint.com research.checkpoint.com
Attributes
Details Type #Events CTI Value
Details CVE 31 
cve-2018-20250
Details CVE 3 
cve-2018-20251
Details CVE 2 
cve-2018-20252
Details CVE 2 
cve-2018-20253
Details Domain 4127 
github.com
Details Domain 1 
acefile.py
Details File 6 
unacev2.dll
Details File 1 
simple_file.txt
Details File 1 
simple_file.ace
Details File 1 
acefile.py
Details File 1 
c:\some_folder\some_file_.exe
Details File 1 
unacv2.dll
Details File 1 
c:\some_folder\some_file.txt
Details File 3 
some_file.exe
Details IPv4 38 
10.10.10.10