× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 40e22d52c00b76ad58c3c8daa644b7cfdc4f07a50718743f8e67e89bab386eab
File name: Requset.pdf
Detection ratio: 6 / 41
Analysis date: 2009-12-30 12:51:47 UTC ( 4 years, 6 months ago ) View latest
Antivirus Result Update
BitDefender Exploit.PDF-JS.Gen 20091230
F-Secure Exploit.PDF-JS.Gen 20091230
GData Exploit.PDF-JS.Gen 20091230
Ikarus Exploit.PDF-JS 20091230
Sophos Troj/PDFJs-B 20091230
a-squared Exploit.PDF-JS!IK 20091230
AVG 20091230
AhnLab-V3 20091229
AntiVir 20091230
Antiy-AVL 20091230
Authentium 20091230
Avast 20091230
CAT-QuickHeal 20091230
ClamAV 20091230
Comodo 20091230
DrWeb 20091230
F-Prot 20091230
Fortinet 20091230
Jiangmin 20091230
K7AntiVirus 20091228
Kaspersky 20091230
McAfee 20091229
McAfee+Artemis 20091229
McAfee-GW-Edition 20091230
Microsoft 20091230
NOD32 20091230
Norman 20091230
PCTools 20091230
Panda 20091230
Prevx 20091230
Rising 20091230
Sunbelt 20091230
Symantec 20091230
TheHacker 20091230
TrendMicro 20091230
VBA32 20091230
ViRobot 20091230
VirusBuster 20091229
eSafe 20091229
eTrust-Vet 20091230
nProtect 20091230
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.6.
PDFiD information
This PDF file contains 2 JavaScript blocks. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
This PDF file contains an automatic action to be performed when a given page of the document is viewed. Malicious PDF documents with JavaScript very often use an automatic action to launch the JavaScript without user interaction.
The combination of automatic actions and JavaScript makes this PDF document suspicious.
This PDF document contains 5 object streams. A stream object is just a sequence of bytes and very often is only used to store images and page descriptions, however, since it is not limited in length many attackers use these artifacts in conjunction with filters to obfuscate other objects.
This PDF document has 2 pages, please note that most malicious PDFs have only one page.
This PDF document has 22 object start declarations and 22 object end declarations.
This PDF document has 17 stream object start declarations and 17 stream object end declarations.
This PDF document has a pointer to the cross reference table (startxref).
ExifTool file metadata
MIMEType
application/pdf

XMPToolkit
Adobe XMP Core 4.2.1-c041 52.342996, 2008/05/07-20:48:00

ModifyDate
2009:12:28 13:12:27+08:00

CreatorTool
Acrobat 9.0

Language
zh-cn

Creator
Acrobat 9.0

InstanceID
uuid:98423b40-0789-4415-a7e3-ccb5aaf78e8e

FileType
PDF

Format
application/pdf

Producer
Adobe Acrobat 9.0.0

Linearized
No

PageCount
1

Title

MetadataDate
2009:12:28 13:12:27+08:00

PDFVersion
1.6

CreateDate
2009:12:28 11:13:40+08:00

DocumentID
uuid:5d012d06-905b-43c1-b939-02aa3e219dfc

TaggedPDF
Yes

File identification
MD5 192829aa8018987d95d127086d483cfc
SHA1 4933c0ad6b566ca52e2e819a9764a265a4ec7e0c
SHA256 40e22d52c00b76ad58c3c8daa644b7cfdc4f07a50718743f8e67e89bab386eab
ssdeep
12288:ryf81vv2mZDgSTssxh1FWNzMRW3ceo6NCctieSyYQeDrLTRA41Icn4O7FWAspkp:vvv2gDdsikhMfzBhtRn1Icp7FWAspK

File size 929.9 KB ( 952206 bytes )
File type PDF
Magic literal
PDF document, version 1.6

TrID Adobe Portable Document Format (100.0%)
VirusTotal metadata
First submission 2009-12-29 12:43:25 UTC ( 4 years, 6 months ago )
Last submission 2012-05-19 10:41:58 UTC ( 2 years, 1 month ago )
File names 4933c0ad6b566ca52e2e819a9764a265a4ec7e0c
4933c0ad6b566ca52e2e819a9764a265a4ec7e0c.pdf
Requset_pdf
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .

ExifTool file metadata
MIMEType
application/pdf

XMPToolkit
Adobe XMP Core 4.2.1-c041 52.342996, 2008/05/07-20:48:00

ModifyDate
2009:12:28 13:12:27+08:00

CreatorTool
Acrobat 9.0

Language
zh-cn

Creator
Acrobat 9.0

InstanceID
uuid:98423b40-0789-4415-a7e3-ccb5aaf78e8e

FileType
PDF

Format
application/pdf

Producer
Adobe Acrobat 9.0.0

Linearized
No

PageCount
1

Title

MetadataDate
2009:12:28 13:12:27+08:00

PDFVersion
1.6

CreateDate
2009:12:28 11:13:40+08:00

DocumentID
uuid:5d012d06-905b-43c1-b939-02aa3e219dfc

TaggedPDF
Yes

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!