× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d4701c59264760f0d9a4e47cb9d7db9cb76445bf4f042c1d845ab5191f1cd689
File name: Customer Statements.PDF
Detection ratio: 6 / 55
Analysis date: 2014-08-27 10:23:50 UTC ( 4 years, 8 months ago ) View latest
Antivirus Result Update
CAT-QuickHeal Exploit/CVE-2013-2729 20140827
DrWeb SCRIPT.Virus 20140827
Kaspersky HEUR:Exploit.Script.Generic 20140827
NANO-Antivirus Trojan.Script.Heuristic-pdf.gutwr 20140827
Qihoo-360 Trojan.Generic 20140827
Rising NORMAL:Hack.Exploit.MalPDF.a!1609222 20140827
Ad-Aware 20140827
AegisLab 20140827
Yandex 20140826
AhnLab-V3 20140827
AntiVir 20140827
Antiy-AVL 20140827
Avast 20140827
AVG 20140827
AVware 20140827
Baidu-International 20140827
BitDefender 20140827
Bkav 20140826
ByteHero 20140827
ClamAV 20140826
CMC 20140827
Commtouch 20140827
Comodo 20140827
Emsisoft 20140827
ESET-NOD32 20140827
F-Prot 20140827
F-Secure 20140827
Fortinet 20140827
GData 20140827
Ikarus 20140827
Jiangmin 20140826
K7AntiVirus 20140826
K7GW 20140826
Kingsoft 20140827
Malwarebytes 20140827
McAfee 20140827
McAfee-GW-Edition 20140827
Microsoft 20140827
eScan 20140827
Norman 20140827
nProtect 20140826
Panda 20140826
Sophos AV 20140827
SUPERAntiSpyware 20140827
Symantec 20140827
Tencent 20140827
TheHacker 20140826
TotalDefense 20140827
TrendMicro 20140827
TrendMicro-HouseCall 20140827
VBA32 20140827
VIPRE 20140827
ViRobot 20140827
Zillya 20140826
Zoner 20140826
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.7.
PDFiD information
This PDF document has an invalid cross reference table.
This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
This PDF document has 1 page, please note that most malicious PDFs have only one page.
This PDF document has 6 object start declarations and 6 object end declarations.
This PDF document has 2 stream object start declarations and 2 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

FileType
PDF

Linearized
No

Warning
Invalid xref table

FileTypeExtension
pdf

PDFVersion
1.7

File identification
MD5 49aa96f311fd76055292fbae763f739c
SHA1 2e973519334f0cd5d55aa75d25cbf7b5e0b947bb
SHA256 d4701c59264760f0d9a4e47cb9d7db9cb76445bf4f042c1d845ab5191f1cd689
ssdeep
768:3q6ZRC2Nsu7kTnKHizjZHRIgd84KkERBalHqiczvPUJmz4ObVZL3pMDQIfD9yKYu:3qsPsugsidHV+4KDRBm3WtLZwQI7UdM

File size 49.8 KB ( 50965 bytes )
File type PDF
Magic literal
PDF document, version 1.7

TrID Adobe Portable Document Format (100.0%)
Tags
cve-2013-2729 exploit attachment pdf invalid-xref acroform

VirusTotal metadata
First submission 2014-08-27 08:32:12 UTC ( 4 years, 8 months ago )
Last submission 2015-09-22 16:28:15 UTC ( 3 years, 8 months ago )
File names 68abcd5b82996bb6c1f441e821052038
49aa96f311fd76055292fbae763f739c.malware
2f2979c5f03b7a8415886199178bb98a
Invoice_5626965.pdf
Invoice_2224123.pdf
Customer Statements.PDF
vti-rescan
eae842bcc4a58eb71aea954600d45850
Customer Statements_virus.pdf
bf080a826e379be16486841d4b54b0e5
Customer_Statements_PDF_BAD
Invoice_7835055.pdf
Invoice_2656911.pdf
9fe8100a06957e1c6605afd81dfafb40
b428166910869c8733e8d1777b43bb1d
Invoice_5493123.pdf
Invoice_1873706.pdf
572fdca23eea678ff7c0f984e7ed0ea5
Invoice_4061288.pdf
Customer_Statements.PDF
Invoice_8980332.pdf
Customer Statements.PDF
file-7383564_PDF
Invoice_8954372.pdf
Invoice_1678037.pdf
ExifTool file metadata
MIMEType
application/pdf

FileType
PDF

Linearized
No

Warning
Invalid xref table

FileTypeExtension
pdf

PDFVersion
1.7

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!