A better zip bomb
Tags
| country: | Russia |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Model Confluence - T1213.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | dd593ee5-f707-4cbc-9b77-7c5c8faef8a0 |
| Fingerprint | 2e9c9a1e35a30e31 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | July 2, 2019, midnight |
| Added to db | Feb. 17, 2023, 9:29 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | A better zip bomb |
| Title | A better zip bomb |
| Detected Hints/Tags/Attributes | 80/3/121 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.bamsoftware.com/hacks/zipbomb/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 1 | cve-2019-13232 |
|
| Details | Domain | 1 | bamsoftware.com |
|
| Details | Domain | 1 | www.bamsoftware.com |
|
| Details | Domain | 1 | zipbomb-20210121.zip |
|
| Details | Domain | 8 | 42.zip |
|
| Details | Domain | 1 | zblg.zip |
|
| Details | Domain | 1 | zbsm.zip |
|
| Details | Domain | 1 | zbxl.zip |
|
| Details | Domain | 1 | zbxxl.zip |
|
| Details | Domain | 1 | overlap.zip |
|
| Details | Domain | 1 | zipbomb-woot19.zip |
|
| Details | Domain | 30 | addons.mozilla.org |
|
| Details | Domain | 1 | zbsm.extra.zip |
|
| Details | Domain | 1 | jira.athr.ru |
|
| Details | Domain | 1 | project.avira.org |
|
| Details | Domain | 1 | topdesk-imp.cicapp.nl |
|
| Details | Domain | 1 | jira-eng-rtp3.cisco.com |
|
| Details | Domain | 1 | jira-eng-sjc1.cisco.com |
|
| Details | Domain | 1 | flightdataservices.atlassian.net |
|
| Details | Domain | 1 | projects.ucd.gpn.gov.uk |
|
| Details | Domain | 1 | testrail-int.qa1.immunet.com |
|
| Details | Domain | 1 | redmine-int-prod.intranet.cnim.net |
|
| Details | Domain | 3 | bugs.drweb.com |
|
| Details | Domain | 1 | dev-jira.dynatrace.org |
|
| Details | Domain | 1 | webgate.ec.europa.eu |
|
| Details | Domain | 1 | jira.egnyte-it.com |
|
| Details | Domain | 1 | jira.hq.eset.com |
|
| Details | Domain | 1 | bugzilla.olympus.f5net.com |
|
| Details | Domain | 1 | mantis.fortinet.com |
|
| Details | Domain | 1 | redmine.joesecurity.org |
|
| Details | Domain | 1 | dev.maildev.jp |
|
| Details | Domain | 1 | confluence.managed.lu |
|
| Details | Domain | 1 | jira-lvs.prod.mcafee.com |
|
| Details | Domain | 1 | jira.modulbank.ru |
|
| Details | Domain | 1 | paynearme.atlassian.net |
|
| Details | Domain | 1 | jira.proofpoint.com |
|
| Details | Domain | 1 | dev.pulsesecure.net |
|
| Details | Domain | 1 | qualtrics.atlassian.net |
|
| Details | Domain | 1 | jira.sastdev.net |
|
| Details | Domain | 1 | bugzilla.seeburger.de |
|
| Details | Domain | 1 | svm.cert.siemens.com |
|
| Details | Domain | 1 | jira.sophos.net |
|
| Details | Domain | 1 | jira.vrt.sourcefire.com |
|
| Details | Domain | 1 | task.jarvis.trendmicro.com |
|
| Details | Domain | 1 | segjira.trendmicro.com |
|
| Details | Domain | 1 | ucsc-cgl.atlassian.net |
|
| Details | Domain | 1 | jira.withbc.com |
|
| Details | Domain | 1 | zscaler.zendesk.com |
|
| Details | Domain | 707 | google.com |
|
| Details | Domain | 1 | snowflake-broker.bamsoftware.com |
|
| Details | Domain | 1 | std.zip |
|
| Details | 1 | david@bamsoftware.com |
||
| Details | File | 1 | zipbomb-20210121.zip |
|
| Details | File | 7 | 42.zip |
|
| Details | File | 2 | appnote.txt |
|
| Details | File | 1 | zblg.zip |
|
| Details | File | 1 | zbsm.zip |
|
| Details | File | 1 | zbxl.zip |
|
| Details | File | 1 | zbxxl.zip |
|
| Details | File | 674 | node.js |
|
| Details | File | 1 | overlap.zip |
|
| Details | File | 1 | zipbomb-woot19.zip |
|
| Details | File | 1 | zblg.odt |
|
| Details | File | 1 | zblg.docx |
|
| Details | File | 1 | extra.zip |
|
| Details | File | 1 | project.avi |
|
| Details | File | 2 | rapidboard.jsp |
|
| Details | File | 1206 | index.php |
|
| Details | File | 73 | view.php |
|
| Details | File | 1 | bug_view_page.php |
|
| Details | File | 1 | svm.cer |
|
| Details | File | 1 | t.sie |
|
| Details | File | 1 | create_edit_vulnerability.php |
|
| Details | File | 1 | task.jar |
|
| Details | File | 1 | std.zip |
|
| Details | sha1 | 1 | f04d9b15bd1cba1433ad5453bc3ebff933d0e3bb |
|
| Details | IPv4 | 1 | 6.1.5.2 |
|
| Details | Url | 1 | https://www.bamsoftware.com/git/zipbomb.git |
|
| Details | Url | 1 | https://www.bamsoftware.com/git/zipbomb-paper.git |
|
| Details | Url | 1 | http://jira.athr.ru/browse/web-12882 |
|
| Details | Url | 1 | https://project.avira.org/browse/engine-2307 |
|
| Details | Url | 1 | https://project.avira.org/browse/engine-2363 |
|
| Details | Url | 1 | https://topdesk-imp.cicapp.nl/tas/secure/mango/window/4 |
|
| Details | Url | 1 | https://jira-eng-rtp3.cisco.com/jira/browse/amp4e-4849 |
|
| Details | Url | 1 | https://jira-eng-sjc1.cisco.com/jira/browse/clam-965 |
|
| Details | Url | 1 | https://flightdataservices.atlassian.net/secure/rapidboard.jspa?selectedissue=fds |
|
| Details | Url | 1 | https://projects.ucd.gpn.gov.uk/browse/vuln-1483 |
|
| Details | Url | 1 | https://testrail-int.qa1.immunet.com/index.php? |
|
| Details | Url | 1 | http://redmine-int-prod.intranet.cnim.net/issues/5596 |
|
| Details | Url | 1 | https://bugs.drweb.com/view.php?id=159759 |
|
| Details | Url | 1 | https://dev-jira.dynatrace.org/browse/apm-188227 |
|
| Details | Url | 1 | https://webgate.ec.europa.eu/citnet/jira/browse/eprel-2150 |
|
| Details | Url | 1 | https://jira.egnyte-it.com/browse/in-8480 |
|
| Details | Url | 1 | https://jira.hq.eset.com/browse/ccdbl-1492 |
|
| Details | Url | 1 | https://bugzilla.olympus.f5net.com/show_bug.cgi?id=819053 |
|
| Details | Url | 1 | https://mantis.fortinet.com/bug_view_page.php?bug_id=0570222 |
|
| Details | Url | 1 | https://redmine.joesecurity.org:64998/issues/4705 |
|
| Details | Url | 1 | http://dev.maildev.jp/mantis/view.php?id=5839 |
|
| Details | Url | 1 | https://confluence.managed.lu/pages/viewpage.action?pageid=47974242 |
|
| Details | Url | 1 | https://jira-lvs.prod.mcafee.com/browse/tsws-653 |
|
| Details | Url | 1 | https://jira.modulbank.ru/browse/pv-33012 |
|
| Details | Url | 1 | http://jira.netzwerk.intern:8080/browse/sales-81 |
|
| Details | Url | 1 | https://jira-hq.paloaltonetworks.local/browse/con-43391 |
|
| Details | Url | 1 | https://jira-hq.paloaltonetworks.local/browse/gsrt-11680 |
|
| Details | Url | 1 | https://jira-hq.paloaltonetworks.local/browse/pan-124201 |
|
| Details | Url | 1 | https://paynearme.atlassian.net/browse/pnm-4494 |
|
| Details | Url | 1 | https://jira.proofpoint.com/jira/browse/pe-29410 |
|
| Details | Url | 1 | https://dev.pulsesecure.net/jira/browse/prs-379163 |
|
| Details | Url | 1 | https://qualtrics.atlassian.net/browse/app-326 |
|
| Details | Url | 1 | https://jira.sastdev.net/browse/cis-2819 |
|
| Details | Url | 1 | https://jira.sastdev.net/secure/rapidboard.jspa?selectedissue=ec |
|
| Details | Url | 1 | https://bugzilla.seeburger.de/show_bug.cgi?id=89294 |
|
| Details | Url | 1 | https://svm.cert.siemens.com/auseno/create_edit_vulnerability.php?vulnid=48573 |
|
| Details | Url | 1 | https://jira.sophos.net/browse/cpissue-6560 |
|
| Details | Url | 1 | https://jira.vrt.sourcefire.com/browse/tt-1070 |
|
| Details | Url | 1 | https://task.jarvis.trendmicro.com/browse/jpse-10432 |
|
| Details | Url | 1 | https://segjira.trendmicro.com:8443/browse/seg-55636 |
|
| Details | Url | 1 | https://segjira.trendmicro.com:8443/browse/seg-58824 |
|
| Details | Url | 1 | https://ucsc-cgl.atlassian.net/secure/rapidboard.jspa?selectedissue=seab |
|
| Details | Url | 1 | https://jira.withbc.com/browse/bc-43950 |
|
| Details | Url | 1 | https://zscaler.zendesk.com/agent/tickets/849971 |