× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 452314287db72468f6bcd06089cd5ed832d912f0272795133c58949240edac08
File name: weevappellatebrief.pdf
Detection ratio: 25 / 47
Analysis date: 2013-10-26 04:00:09 UTC ( 4 years, 10 months ago ) View latest
Antivirus Result Update
Yandex Trojan.Rosena.Gen.1 20131025
AhnLab-V3 Trojan/Win32.Shell 20131025
Avast Win32:SwPatch [Wrm] 20131026
AVG Exploit.PDF 20131025
Bkav W32.PdfLaunch.Trojan 20131025
ClamAV Suspect.PDF.EmbeddedExecutable-2 20131025
Commtouch PDF/Autorun.A!Camelot 20131026
DrWeb SCRIPT.Virus 20131026
Emsisoft Exploit.PDF-Dropper.Gen (B) 20131026
ESET-NOD32 PDF/Exploit.Pidief.PFW 20131026
F-Prot W32/Swrort.A.gen!Eldorado 20131026
F-Secure Exploit.PDF-Dropper.Gen 20131026
Fortinet W32/Swrort.C!tr 20131026
GData Exploit.PDF-Dropper.Gen 20131026
Ikarus possible-Threat.PDF.Acmd 20131025
Kaspersky HEUR:Trojan.Win32.Generic 20131026
Microsoft Trojan:Win32/Swrort.A 20131026
eScan Exploit.PDF-Dropper.Gen 20131025
NANO-Antivirus Trojan.Win32.Swrort.uhpfc 20131026
nProtect Exploit.PDF-Dropper.Gen 20131025
Sophos AV Mal/EncPk-ACE 20131026
Symantec Packed.Generic.347 20131026
TrendMicro HEUR_PDFEXP.D 20131026
TrendMicro-HouseCall TROJ_SWRORT.SME 20131026
VIPRE Trojan.Win32.Swrort.B (v) 20131026
AntiVir 20131025
Antiy-AVL 20131025
Baidu-International 20131025
BitDefender 20090218
ByteHero 20131025
CAT-QuickHeal 20131023
Comodo 20131026
Jiangmin 20131025
K7AntiVirus 20131025
K7GW 20131025
Kingsoft 20130829
Malwarebytes 20131026
McAfee 20131026
McAfee-GW-Edition 20131026
Norman 20131025
Panda 20131025
Rising 20131025
SUPERAntiSpyware 20131025
TheHacker 20131025
TotalDefense 20131025
VBA32 20131025
ViRobot 20131026
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.4.
PDFiD information
This PDF file contains 2 JavaScript blocks. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
This PDF file contains an open action to be performed when the document is viewed. Malicious PDF documents with JavaScript very often use open actions to launch the JavaScript without user interaction.
This PDF file contains an automatic action to be performed when a given page of the document is viewed. Malicious PDF documents with JavaScript very often use an automatic action to launch the JavaScript without user interaction.
The combination of automatic actions and JavaScript makes this PDF document suspicious.
This PDF document contains 1 launch action. A Launch action is intended to be used to run an application or to open or print a document. This feature could also be used to run an executable embedded within the PDF file.
This PDF document has 68 pages, please note that most malicious PDFs have only one page.
This PDF document has 384 object start declarations and 384 object end declarations.
This PDF document has 213 stream object start declarations and 213 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2013:10:25 20:56:06-04:00

Producer
Mac OS X 10.7.5 Quartz PDFContext; modified using iText 2.1.7 by 1T3XT

Creator
Word

FileType
PDF

Author
Stephanie Shattuck

Linearized
No

PageCount
67

Title
Auernheimer Reply Brief Final

PDFVersion
1.4

CreateDate
2013:10:26 00:46:18Z

File identification
MD5 5238f995c121635b2cf3af1ceca60c10
SHA1 854a8e715aad105c33ba05c7d3e439571ca7dd2d
SHA256 452314287db72468f6bcd06089cd5ed832d912f0272795133c58949240edac08
ssdeep
6144:bADU6vL22p4dSr2rzIOVOed6tjJrNscJTnbWz3tmH75TDgyJrLi4uFRnZpQuyumF:X6xs224wOV1JrOcJLbWTtC3uRZpQurmF

File size 543.5 KB ( 556559 bytes )
File type PDF
Magic literal
PDF document, version 1.4

TrID Adobe Portable Document Format (100.0%)
Tags
pdf js-embedded autoaction launch-action

VirusTotal metadata
First submission 2013-10-26 04:00:09 UTC ( 4 years, 10 months ago )
Last submission 2013-11-06 17:14:59 UTC ( 4 years, 10 months ago )
File names vti-rescan
weevappellatebrief.pdf
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2013:10:25 20:56:06-04:00

Producer
Mac OS X 10.7.5 Quartz PDFContext; modified using iText 2.1.7 by 1T3XT

Creator
Word

FileType
PDF

Author
Stephanie Shattuck

Linearized
No

PageCount
67

Title
Auernheimer Reply Brief Final

PDFVersion
1.4

CreateDate
2013:10:26 00:46:18Z

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!