Apr 22 CVE-2011-0611 PDF-SWF Marshall Plan for the North Africa.pdf with Win32/Ixeshe.E
Tags
| country: | China |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Denial Of Service |
Common Information
| Type | Value |
|---|---|
| UUID | cfdc494e-2235-47fb-a68c-d508f7e520a1 |
| Fingerprint | e8bef463cca7b2ca |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 22, 2011, 3:15 p.m. |
| Added to db | Jan. 18, 2023, 7:45 p.m. |
| Last updated | Nov. 18, 2024, 3:36 a.m. |
| Headline | UNKNOWN |
| Title | Apr 22 CVE-2011-0611 PDF-SWF Marshall Plan for the North Africa.pdf with Win32/Ixeshe.E |
| Detected Hints/Tags/Attributes | 46/3/52 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 32 | cve-2011-0611 |
|
| Details | CVE | 19 | cve-2010-1297 |
|
| Details | Domain | 36 | contagiodump.blogspot.com |
|
| Details | Domain | 4 | www.cyberesi.com |
|
| Details | Domain | 1176 | gmail.com |
|
| Details | Domain | 9 | mail.gmail.com |
|
| Details | Domain | 1 | adsl-068-016-099-165.sip.asm.bellsouth.net |
|
| Details | Domain | 1 | mail.the-joy-of-travel.com |
|
| Details | Domain | 1 | the-joy-of-travel.com |
|
| Details | Domain | 1 | www.the-joy-of-travel.com |
|
| Details | 1 | serrato.christy@gmail.com |
||
| Details | 1 | banlktikpu6as48gyr9bhwkqvn1jmkz70sw@mail.gmail.com |
||
| Details | File | 1 | africa.pdf |
|
| Details | File | 11 | authplay.dll |
|
| Details | File | 2 | apr-20-cve-2011-0611-pdf-swf-chinas.html |
|
| Details | File | 37 | exploit.pdf |
|
| Details | File | 34 | acrord32.exe |
|
| Details | File | 63 | report.html |
|
| Details | File | 1 | aws7446.jsp |
|
| Details | File | 1 | aws7394.jsp |
|
| Details | File | 1 | aws7414.jsp |
|
| Details | File | 1 | aws7437.jsp |
|
| Details | File | 1 | aws7463.jsp |
|
| Details | File | 1 | aws7473.jsp |
|
| Details | File | 1 | sip.asm |
|
| Details | md5 | 2 | 6d5fb801b890bfa7cc737c018e87e456 |
|
| Details | md5 | 1 | c56dd87772312ba032fc6ac8928d480f |
|
| Details | md5 | 1 | 93b600d4d641321dae860d179d8a35cf |
|
| Details | md5 | 1 | 39822adc9bc7747dadd212e0338948cb |
|
| Details | sha1 | 1 | 441cfe9d31d271262ff693e83daa1b4fefa0e2c4 |
|
| Details | sha1 | 1 | 1fe3478d65ba9508b1fdc31d6b3e67b336b06b95 |
|
| Details | sha1 | 1 | 00d9650584489914016941fbe28cd1c02306a34b |
|
| Details | sha256 | 1 | afe8d2abf6807bb1b83affc20b8fcb424d75cb7ce340c900b59daeb9b3edc628 |
|
| Details | sha256 | 1 | fff09d52d2fedc1a85fa04f75fe9a8295a57ddc39d4888ce65662e7a7b9671c0 |
|
| Details | sha256 | 1 | b32482d120f24d88f06edb974e92b301e4bd9be99e5ee7f10e9e6dce1a557192 |
|
| Details | IPv4 | 4 | 10.2.153.1 |
|
| Details | IPv4 | 3 | 10.2.154.25 |
|
| Details | IPv4 | 4 | 10.2.156.12 |
|
| Details | IPv4 | 1 | 10.227.165.194 |
|
| Details | IPv4 | 1 | 10.227.157.66 |
|
| Details | IPv4 | 17 | 5.3.2.6 |
|
| Details | IPv4 | 6 | 101.3.2.89 |
|
| Details | IPv4 | 19 | 10.0.3.5 |
|
| Details | IPv4 | 2 | 68.16.99.165 |
|
| Details | Url | 1 | http://contagiodump.blogspot.com/2011/04/apr-20-cve-2011-0611-pdf-swf-chinas.html |
|
| Details | Url | 2 | http://www.cyberesi.com/2011/04/25/chinas-charm-diplomacy-in-brics-summit-pdf-cve-2011-0611 |
|
| Details | Url | 1 | http://www.virustotal.com/file-scan/report.html?id=b32482d120f24d88f06edb974e92b301e4bd9be99e5ee7f10e9e6dce1a557192 |
|
| Details | Url | 1 | http://68.16.99.165/aws7394.jsp?2rlfgi5c |
|
| Details | Url | 1 | http://68.16.99.165/aws7414.jsp?2rlfgi5c |
|
| Details | Url | 1 | http://68.16.99.165/aws7437.jsp?2rlfgi5c |
|
| Details | Url | 1 | http://68.16.99.165/aws7463.jsp?2rlfgi5c |
|
| Details | Url | 1 | http://68.16.99.165/aws7473.jsp?2rlfgi5c |