Apr 5 CVE-2010-0188 PDF with Bifrose- nov varianty evro SPO SHA from lukin@mail.ru
Tags
| country: | China Czechia Poland Russia |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | bfb1b6fd-990d-49f7-bfb0-b61644749a56 |
| Fingerprint | aeaffb1f66439dce |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 5, 2010, 1:21 p.m. |
| Added to db | Jan. 18, 2023, 7:45 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | UNKNOWN |
| Title | Apr 5 CVE-2010-0188 PDF with Bifrose- nov varianty evro SPO SHA from lukin@mail.ru |
| Detected Hints/Tags/Attributes | 38/3/51 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 53 | cve-2010-0188 |
|
| Details | Domain | 246 | mail.ru |
|
| Details | Domain | 22 | anubis.iseclab.org |
|
| Details | Domain | 18 | robtex.com |
|
| Details | Domain | 1 | z-mgo.com |
|
| Details | Domain | 1 | e-yzr.com |
|
| Details | Domain | 1 | 7cxsp.com |
|
| Details | Domain | 1 | szeol.net |
|
| Details | Domain | 1 | star138.com |
|
| Details | Domain | 1 | my-public.sc.cninfo.net |
|
| Details | Domain | 1 | mail.sc.cninfo.net |
|
| Details | Domain | 1 | noc.cd.sc.cn |
|
| Details | 1 | lukin@mail.ru |
||
| Details | 1 | ipadmin@my-public.sc.cninfo.net |
||
| Details | 1 | anti-spam@mail.sc.cninfo.net |
||
| Details | 1 | security@mail.sc.cninfo.net |
||
| Details | 1 | zhangys@mail.sc.cninfo.net |
||
| Details | File | 1 | nov_varianty_evro_spo_sha.pdf |
|
| Details | File | 1 | %temp%\686953_res.tmp |
|
| Details | File | 1 | %temp%\688031_res.tmp |
|
| Details | File | 1 | %temp%\nov varianty evro spo sha.pdf |
|
| Details | File | 16 | %temp%\svchost.exe |
|
| Details | File | 1 | 686953_res.tmp |
|
| Details | File | 1 | 688031_res.tmp |
|
| Details | File | 1122 | svchost.exe |
|
| Details | md5 | 1 | 176fa5b6dbc10b78a6f21c18f2e4d211 |
|
| Details | md5 | 1 | 296ef9ae32909633c09320765bf2582f |
|
| Details | md5 | 1 | 2f881cd6f1a98bc8d7c9b67e15216a0b |
|
| Details | md5 | 1 | d4dc2d1b658b480973f9bebde0c33e3d |
|
| Details | sha256 | 1 | 12112cd97c7fb05f8b4719ce70f49e9ebab815cc11fab4263255c93e3455a659 |
|
| Details | sha256 | 1 | 1cd77175e3b1ecf366409ff362ef05180a4e8a21b08089e09e17341d2acbe478 |
|
| Details | sha256 | 1 | 13245d160694fd94275d35fb3978aa44544cee7f3df98b4b45b18b4b6287e0a9 |
|
| Details | sha256 | 1 | 3f6791d73f773dded5616a52fedba36606b0fbb198b80e9dd0c67dd553f90a6e |
|
| Details | IPv4 | 15 | 91.2.0.41 |
|
| Details | IPv4 | 1 | 7.10.6.30 |
|
| Details | IPv4 | 28 | 5.2.0.5 |
|
| Details | IPv4 | 10 | 4.5.1.85 |
|
| Details | IPv4 | 14 | 4.0.14.0 |
|
| Details | IPv4 | 25 | 10.0.2.2 |
|
| Details | IPv4 | 41 | 2.0.3.7 |
|
| Details | IPv4 | 59 | 7.0.0.125 |
|
| Details | IPv4 | 3 | 6.5.2.0 |
|
| Details | IPv4 | 5 | 3.12.12.4 |
|
| Details | IPv4 | 1 | 61.139.126.23 |
|
| Details | IPv4 | 1 | 61.139.126.0 |
|
| Details | IPv4 | 1 | 61.139.126.63 |
|
| Details | Url | 1 | http://www.virustotal.com/analisis/12112cd97c7fb05f8b4719ce70f49e9ebab815cc11fab4263255c93e3455a659-1270562041 |
|
| Details | Url | 1 | http://www.virustotal.com/analisis/1cd77175e3b1ecf366409ff362ef05180a4e8a21b08089e09e17341d2acbe478-1270563466 |
|
| Details | Url | 1 | http://www.virustotal.com/analisis/13245d160694fd94275d35fb3978aa44544cee7f3df98b4b45b18b4b6287e0a9-1270563441 |
|
| Details | Url | 1 | http://www.virustotal.com/analisis/3f6791d73f773dded5616a52fedba36606b0fbb198b80e9dd0c67dd553f90a6e-1270563456 |
|
| Details | Url | 1 | http://anubis.iseclab.org/?action=result&task_id=130e1cf65a2892404f14172e28e865cf4 |