× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 065fdaaff86768216f01124793e724d55f8195d72322a33d18ed7443a03c85e0
File name: ec05f.pdf
Detection ratio: 26 / 46
Analysis date: 2013-04-23 00:05:25 UTC ( 12 months ago )
Antivirus Result Update
AVG Script/PDF.Exploit 20130422
AntiVir EXP/Pidief.egs 20130422
Avast JS:Pdfka-gen [Expl] 20130423
BitDefender PDF:Exploit.PDF-JS.ZB 20130423
Commtouch JS/Pdfka.KO 20130422
Comodo Exploit.JS.Pdfka.QV 20130423
DrWeb Exploit.PDF.4652 20130423
ESET-NOD32 JS/Exploit.Pdfka.QEV 20130422
Emsisoft PDF:Exploit.PDF-JS.ZB (B) 20130423
F-Prot JS/Pdfka.KO 20130422
F-Secure PDF:Exploit.PDF-JS.ZB 20130423
Fortinet PDF/Pdfka.QEV!tr 20130423
GData PDF:Exploit.PDF-JS.ZB 20130423
Ikarus Exploit.Win32.CVE-2010-0188 20130422
Kaspersky HEUR:Exploit.Script.Generic 20130423
McAfee PDF/Blacole-FHJ!6D2544369479 20130423
McAfee-GW-Edition PDF/Blacole-FHJ!6D2544369479 20130422
MicroWorld-eScan PDF:Exploit.PDF-JS.ZB 20130423
Microsoft Exploit:Win32/CVE-2010-0188 20130423
NANO-Antivirus Exploit.Script.Pdfka.btvxj 20130422
Norman CVE_2010_0188.JS 20130422
Sophos Troj/PDFEx-GX 20130422
TrendMicro TROJ_PIDIEF.SMAL 20130423
TrendMicro-HouseCall TROJ_PIDIEF.SMAL 20130423
VIPRE Exploit.AdobeReader.gen (v) 20130423
nProtect PDF:Exploit.PDF-JS.ZB 20130422
Agnitum 20130422
AhnLab-V3 20130422
Antiy-AVL 20130422
ByteHero 20130418
CAT-QuickHeal 20130422
ClamAV 20130423
Jiangmin 20130422
K7AntiVirus 20130422
K7GW 20130422
Kingsoft 20130422
Malwarebytes 20130423
PCTools 20130422
Panda 20130422
SUPERAntiSpyware 20130423
Symantec 20130423
TheHacker 20130422
TotalDefense 20130422
VBA32 20130422
ViRobot 20130422
eSafe 20130418
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.6.
PDFiD information
This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF.
This PDF document has an invalid cross reference table.
This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
This PDF document has 2 pages, please note that most malicious PDFs have only one page.
This PDF document has 26 object start declarations and 26 object end declarations.
This PDF document has 12 stream object start declarations and 12 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

PDFVersion
1.6

FileType
PDF

Linearized
No

FileAccessDate
2013:04:23 01:04:54+01:00

Warning
Invalid xref table

FileCreateDate
2013:04:23 01:04:54+01:00

File identification
MD5 6d254436947947d6ff37dd8f62ec50e6
SHA1 8ee25c57ac12e15227f5d77a05bab636b9ccacc5
SHA256 065fdaaff86768216f01124793e724d55f8195d72322a33d18ed7443a03c85e0
ssdeep
192:HhZjYnwAO9Gw/vqvQNi/60un/Tg1qoxFzRj8RcHHjGz0Z:HhZEwAO9GUUQi/60G7g1pHFIi6Q

File size 9.6 KB ( 9827 bytes )
File type PDF
Magic literal
PDF document, version 1.6

TrID Adobe Portable Document Format (100.0%)
Tags
exploit pdf invalid-xref acroform file-embedded cve-2010-0188

VirusTotal metadata
First submission 2013-04-23 00:05:25 UTC ( 12 months ago )
Last submission 2013-04-23 00:05:25 UTC ( 12 months ago )
File names ec05f.pdf
ExifTool file metadata
MIMEType
application/pdf

PDFVersion
1.6

FileType
PDF

Linearized
No

FileAccessDate
2013:04:23 01:04:54+01:00

Warning
Invalid xref table

FileCreateDate
2013:04:23 01:04:54+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!