SecurityHome.eu Exploit:Win32/CVE-2010-3333

Home / malware PDF

Exploit:Win32/CVE-2010-3333

First posted on 05 April 2019.
Source: Microsoft
Aliases :
There are no other names known for Exploit:Win32/CVE-2010-3333.
Explanation :
Installation

You might get this threat in your PC as a Word document attachment to a spammed email, or shared via social media.

One variant we observed being distributed in the wild in late December 2010 opens a non-malicious Word document (seen below) after doing its malicious paylod.

The message is Russian and translates as:

Dear colleagues and friends!
Happy New Year!

Payload

Downloads and runs other malware

Some variants contain a payload to download and run other malware on your PC. One such variant connected to mywindowsupdate.net/****/svchost.exe and saved the targeted file to a.exe. This file is detected as Trojan:Win32/Turkojan.C.

Drops and installs other malware

Some variants contain a payload to drop and run other malware on your PC. One such variant dropped the file mspmsnsr.dllx90x90x90x90x90x90x90x90x90x90x90x90x90x90x90x90x90x90x90x90. This file is detected as TrojanDropper:Win32/Meciv.A.

In turn, this file drops another service DLL component to wucltul.dll. This file is detected as Backdoor:Win32/Meciv.A.

Analysis by Rodel Finones
Last update 05 April 2019

TOP

Malware :

Last 20