ioc[.]one - OSINT Cyber Threat Intelligence Database

CVE-2010-3654 Adobe Reader 0 day + CVE-2010-2883 Flash 10.1.102.64 + Reader 9.4.0.195 PDF Federal Benefits

Tags

country:	China United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Dns - T1071.004 Dns - T1590.002 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Vulnerabilities - T1588.006 Whois - T1596.002 Connection Proxy - T1090 Denial Of Service

Show in Graph

Common Information

Type	Value
UUID	ce3b1f67-6477-4842-b1d7-90f93c4751ab
Fingerprint	ef90e5964d332487
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 10, 2010, 12:47 p.m.
Added to db	Jan. 18, 2023, 7:45 p.m.
Last updated	Nov. 17, 2024, 11:36 p.m.
Headline	UNKNOWN
Title	CVE-2010-3654 Adobe Reader 0 day + CVE-2010-2883 Flash 10.1.102.64 + Reader 9.4.0.195 PDF Federal Benefits
Detected Hints/Tags/Attributes	68/3/85

Source URLs

	Redirection	Url
Details	Source	http://contagiodump.blogspot.com/2010/11/cve-2010-3654.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	contagiodump.blogspot.com

Attributes

Details	Type	#Events	Value
Details	Autonomous System Number	1	AS6298
Details	Autonomous System Number	4	AS26496
Details	CVE	13	cve-2010-3654
Details	CVE	38	cve-2010-2883
Details	Domain	3	libauthplay.so
Details	Domain	4	mysundayparty.com
Details	Domain	54	godaddy.com
Details	Domain	14	www.godaddy.com
Details	Domain	287	yahoo.com
Details	Domain	1	ns1.suspended-for.spam-and-abuse.com
Details	Domain	1	ns2.suspended-for.spam-and-abuse.com
Details	Domain	1	wsip-24-248-182-214.ph.ph.cox.net
Details	Domain	1	web120310.mail.ne1.yahoo.com
Details	Domain	3	opm.gov
Details	Domain	707	google.com
Details	Domain	10	mx.google.com
Details	Domain	1	273636.18703.bm
Details	Domain	1	omp1011.mail.ne1.yahoo.com
Details	Domain	36	contagiodump.blogspot.com
Details	Domain	1	www.malwaretracker.com
Details	Domain	22	www.threatexpert.com
Details	Domain	45	www.securelist.com
Details	Domain	4	news.mysundayparty.com
Details	Domain	3	ns09.domaincontrol.com
Details	Domain	3	ns10.domaincontrol.com
Details	Domain	4	mailstore1.secureserver.net
Details	Domain	1	m1pismtp01-v01.prod.mesa1.secureserver.net
Details	Domain	16	smtp.secureserver.net
Details	Email	1	g.debbei_@yahoo.com
Details	Email	4	abuse@godaddy.com
Details	Email	1	usajobs@opm.gov
Details	Email	1	usaj0bs@yahoo.com
Details	Email	1	smtp.mail=usaj0bs@yahoo.com
Details	Email	1	header.i=@yahoo.com
Details	File	11	authplay.dll
Details	File	12	cooltype.dll
Details	File	1	announcements.pdf
Details	File	1	1289392517031.java
Details	File	1	potential-new-adobe-flash-player-zero.html
Details	File	63	report.html
Details	File	37	exploit.pdf
Details	File	1	pdfsearch.php
Details	File	1	%temp%\open season announcements.pdf
Details	File	9	adobeupdate.exe
Details	File	19	report.aspx
Details	md5	1	d143a09611c45ac34ff0f85cc5efcc2e
Details	md5	1	db1991c1120c3f75991cbe91c2649ad3
Details	md5	1	27ba4695567a60f25a32bab240b3b832
Details	sha1	1	a2378a47bf084a155974b6fd20559732ecac1608
Details	sha1	1	8f9e5aee02a4b340faae1a8057db419a34ace951
Details	sha256	1	d6c999e9279765f8924ed91422370193ea6ef856b2478513013bb3b75114f1c5
Details	sha256	1	72b3342ad2132931d8e6524ef11b9e36b05c90cf707346c05acd01b801b28e0b
Details	sha256	1	590bdc2952e54739d2d3b0a692691d7ec6f7489a7944a9798feaa513c07aa91e
Details	IPv4	1	10.1.102.64
Details	IPv4	1	9.4.0.195
Details	IPv4	3	10.1.85.3
Details	IPv4	3	10.1.95.2
Details	IPv4	1	24.248.182.214
Details	IPv4	1	173.245.79.62
Details	IPv4	1	98.138.91.66
Details	IPv4	1	7.10.13.202
Details	IPv4	3	4.2.249.0
Details	IPv4	59	7.0.0.125
Details	IPv4	1	7.10.13.204
Details	IPv4	28	5.2.0.5
Details	IPv4	16	4.6.2.117
Details	IPv4	26	10.0.2.7
Details	IPv4	4	3.12.14.1
Details	IPv4	1	24.248.176.0
Details	IPv4	5	68.178.232.100
Details	IPv4	2	68.178.232.0
Details	IPv4	2	216.69.185.5
Details	IPv4	2	216.69.185.0
Details	IPv4	2	208.109.255.5
Details	IPv4	2	208.109.255.0
Details	IPv4	1	216.69.186.201
Details	IPv4	1	216.69.184.0
Details	Url	5	http://www.godaddy.com
Details	Url	1	http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html
Details	Url	1	http://www.virustotal.com/file-scan/report.html?id=d6c999e9279765f8924ed91422370193ea6ef856b2478513013bb3b75114f1c5
Details	Url	1	http://www.malwaretracker.com/pdfsearch.php?hash=d143a09611c45ac34ff0f85cc5efcc2e
Details	Url	1	http://www.virustotal.com/file-scan/report.html?id=72b3342ad2132931d8e6524ef11b9e36b05c90cf707346c05acd01b801b28e0b
Details	Url	1	http://www.virustotal.com/file-scan/report.html?id=590bdc2952e54739d2d3b0a692691d7ec6f7489a7944a9798feaa513c07aa91e
Details	Url	1	http://www.threatexpert.com/report.aspx?md5=27ba4695567a60f25a32bab240b3b832
Details	Windows Registry Key	582	HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run