× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 62988ad8e56edc685e9dc64133611067b7216e149afc8b2959ad68a0ac3773bb
File name: annonce.pdf
Detection ratio: 10 / 37
Analysis date: 2009-12-17 21:53:28 UTC ( 4 years, 4 months ago ) View latest
Antivirus Result Update
AntiVir HEUR/HTML.Malware 20091217
BitDefender Exploit.PDF-JS.Gen 20091217
GData Exploit.PDF-JS.Gen 20091217
McAfee Exploit-PDF.ac 20091217
McAfee+Artemis Exploit-PDF.ac 20091217
McAfee-GW-Edition Heuristic.HTML.Malware 20091217
Microsoft Exploit:Win32/Pdfjsc.CM 20091217
Rising Hack.Exploit.PDF.e 20091217
Sunbelt Exploit.PDF-JS.Gen (v) 20091217
eSafe PDF.Exploit 20091216
AhnLab-V3 20091217
Antiy-AVL 20091217
Authentium 20091202
Avast 20091217
CAT-QuickHeal 20091217
ClamAV 20091217
Comodo 20091217
F-Prot 20091216
Fortinet 20091217
Ikarus 20091217
Jiangmin 20091217
K7AntiVirus 20091217
Kaspersky 20091217
NOD32 20091217
Norman 20091217
Panda 20091215
Prevx 20091217
Sophos 20091217
Symantec 20091217
TheHacker 20091217
TrendMicro 20091217
VBA32 20091217
ViRobot 20091217
VirusBuster 20091217
a-squared 20091217
eTrust-Vet 20091217
nProtect 20091217
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.4.
PDFiD information
This PDF file contains 3 JavaScript blocks. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
This PDF document has an invalid cross reference table.
This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
This PDF document has 1 page, please note that most malicious PDFs have only one page.
This PDF document has 15 object start declarations and 15 object end declarations.
This PDF document has 2 stream object start declarations and 2 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

FileType
PDF

Warning
Invalid xref table

PDFVersion
1.4

Linearized
No

File identification
MD5 97021644ce594f91b8738c02f6f5420a
SHA1 19aec3e14d2d791a3730e50d9b0c6c456418fbb9
SHA256 62988ad8e56edc685e9dc64133611067b7216e149afc8b2959ad68a0ac3773bb
ssdeep
384:OA5cWAXM1lXZjGh8h79CObkd7zW0LppuuqOUBQaDRKtPCRbf+bACfr4X:OA5tAX8lXlGh8hxC447zTLppuuqOUBr1

File size 15.8 KB ( 16199 bytes )
File type PDF
Magic literal
PDF document, version 1.4

TrID Adobe Portable Document Format (100.0%)
Tags
invalid-xref acroform pdf js-embedded

VirusTotal metadata
First submission 2009-12-17 16:25:48 UTC ( 4 years, 4 months ago )
Last submission 2013-09-26 08:20:50 UTC ( 6 months, 4 weeks ago )
File names 19aec3e14d2d791a3730e50d9b0c6c456418fbb9.pdf
19aec3e14d2d791a3730e50d9b0c6c456418fbb9.pdf
19aec3e14d2d791a3730e50d9b0c6c456418fbb9.pdf
19aec3e14d2d791a3730e50d9b0c6c456418fbb9
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .

ExifTool file metadata
MIMEType
application/pdf

FileType
PDF

Warning
Invalid xref table

PDFVersion
1.4

Linearized
No

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!