× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1a044231e6a9f3026f5201f38d552108f28ba98ab631a4322af3d3131f3a9316
File name: pdf_new.pdf
Detection ratio: 26 / 46
Analysis date: 2012-12-01 23:11:03 UTC ( 5 years, 5 months ago )
Antivirus Result Update
AntiVir EXP/Pidief.dmx 20121201
Avast JS:Pdfka-gen [Expl] 20121201
AVG Exploit_c.VVU 20121201
BitDefender Exploit.TIFF.Gen 20121201
Commtouch JS/Pdfka.IZ 20121201
Comodo Exploit.JS.Pdfka.ra 20121201
DrWeb Exploit.PDF.3096 20121201
ESET-NOD32 JS/Exploit.Pdfka.PVJ 20121201
F-Prot JS/Pdfka.IZ 20121201
F-Secure Exploit.TIFF.Gen 20121201
Fortinet JS/Pdfka.GGH!exploit 20121201
GData Exploit.TIFF.Gen 20121201
Ikarus Exploit.JS.Pdfka 20121201
Jiangmin Exploit.PDF.na 20121201
Kaspersky Exploit.JS.Pdfka.ggh 20121201
McAfee Artemis!1D35073B2C1A 20121201
McAfee-GW-Edition Artemis!1D35073B2C1A 20121201
Microsoft Exploit:Win32/Pdfjsc.ADF 20121201
eScan Exploit.TIFF.Gen 20121201
NANO-Antivirus Trojan.Script.Heuristic-pdf.gutwr 20121201
nProtect Exploit.TIFF.Gen 20121201
PCTools Trojan.Gen 20121201
Sophos AV Troj/PDFJs-AAS 20121201
Symantec Trojan.Gen.2 20121201
TrendMicro-HouseCall TROJ_GEN.F47V1129 20121201
VIPRE LooksLike.PDF.Malware.c (v) 20121201
Yandex 20121201
AhnLab-V3 20121201
Antiy-AVL 20121130
ByteHero 20121130
CAT-QuickHeal 20121201
ClamAV 20121201
Emsisoft 20121201
eSafe 20121128
K7AntiVirus 20121130
Kingsoft 20121119
Malwarebytes 20121201
Norman 20121201
Panda 20121201
Rising 20121130
SUPERAntiSpyware 20121201
TheHacker 20121129
TotalDefense 20121201
TrendMicro 20121201
VBA32 20121130
ViRobot 20121201
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.6.
PDFiD information
This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF.
This PDF document has an invalid cross reference table.
This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
This PDF document has 2 pages, please note that most malicious PDFs have only one page.
This PDF document has 27 object start declarations and 27 object end declarations.
This PDF document has 13 stream object start declarations and 12 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

FileType
PDF

Warning
Invalid xref table

PDFVersion
1.6

Linearized
No

File identification
MD5 1d35073b2c1ab55ebb58443e53bde89c
SHA1 2956b6e3b057a08cd824965dca69f11f606e2a7b
SHA256 1a044231e6a9f3026f5201f38d552108f28ba98ab631a4322af3d3131f3a9316
ssdeep
384:khzaNwAO9GikR32zDR27l9BRinQi/60G7Vcvs:shZGikY07LBR6QC6dZ

File size 13.1 KB ( 13429 bytes )
File type PDF
Magic literal
PDF document, version 1.6

TrID Adobe Portable Document Format (100.0%)
Tags
exploit invalid-xref cve-2012-5067 pdf acroform cve-2010-0188

VirusTotal metadata
First submission 2012-11-10 17:22:16 UTC ( 5 years, 6 months ago )
Last submission 2012-12-01 23:11:03 UTC ( 5 years, 5 months ago )
File names pdf_new.pdf
ExifTool file metadata
MIMEType
application/pdf

FileType
PDF

Warning
Invalid xref table

PDFVersion
1.6

Linearized
No

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!