× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 66eb8301d94c2493c0ade5087425b33b92adb2cd4426be120b644c2a00c282b2
File name: zyzoom.pdf
Detection ratio: 31 / 52
Analysis date: 2014-05-08 10:47:37 UTC ( 3 years, 3 months ago )
Antivirus Result Update
Ad-Aware PDF:Exploit.PDF-JS.UN 20140508
AntiVir EXP/Pidief.edq 20140508
Avast JS:Pdfka-gen [Expl] 20140508
AVG Exploit_c.WPP 20140508
BitDefender PDF:Exploit.PDF-JS.UN 20140508
ClamAV Pdf.Exploit.CVE_2010_0188-5 20140508
Commtouch JS/Pdfka.NT.gen 20140508
Comodo UnclassifiedMalware 20140508
DrWeb Exploit.PDF.3216 20140508
Emsisoft PDF:Exploit.PDF-JS.UN (B) 20140508
ESET-NOD32 JS/Exploit.Pdfka.QLH 20140508
F-Prot JS/Pdfka.NT.gen 20140508
F-Secure Exploit:W32/CVE-2010-0188.C 20140508
Fortinet PDF/Pdfka.QCL!exploit 20140508
GData PDF:Exploit.PDF-JS.UN 20140508
Ikarus Exploit.PDF 20140508
Kaspersky HEUR:Exploit.PDF.Generic 20140508
McAfee PDF/Blacole-FCW!EFF7D3C7066C 20140508
McAfee-GW-Edition PDF/Blacole-FCW!EFF7D3C7066C 20140507
Microsoft Exploit:Win32/Pdfjsc.AGD 20140508
eScan PDF:Exploit.PDF-JS.UN 20140508
NANO-Antivirus Trojan.Script.Pdfka.bfozxe 20140508
Norman Exploit.ADQ 20140508
nProtect Exploit.TIFF.Gen 20140507
Qihoo-360 virus.xfa.unsafe.1 20140508
Sophos AV Troj/PDFEx-HO 20140508
Symantec Trojan.Pidief 20140508
TrendMicro HEUR_PDFF.SHARP 20140508
TrendMicro-HouseCall TROJ_GEN.F47V0227 20140508
VIPRE LooksLike.PDF.Malware.b (v) 20140508
ViRobot PDF.S.Exploit.5638 20140508
AegisLab 20140508
Yandex 20140507
AhnLab-V3 20140507
Antiy-AVL 20140508
Baidu-International 20140508
Bkav 20140507
ByteHero 20140508
CAT-QuickHeal 20140508
CMC 20140506
Jiangmin 20140508
K7AntiVirus 20140507
K7GW 20140507
Kingsoft 20140508
Malwarebytes 20140508
Panda 20140508
Rising 20140507
SUPERAntiSpyware 20140508
TheHacker 20140508
TotalDefense 20140508
VBA32 20140507
Zillya 20140507
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.3.
PDFiD information
This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF.
This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
This PDF document has 1 page, please note that most malicious PDFs have only one page.
This PDF document has 12 object start declarations and 12 object end declarations.
This PDF document has 2 stream object start declarations and 2 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

FileCreateDate
2014:05:08 11:46:32+01:00

FileType
PDF

Linearized
No

FileAccessDate
2014:05:08 11:46:32+01:00

Warning
Error reading xref table

PDFVersion
1.3

File identification
MD5 eff7d3c7066cac351d3232cccf60fe81
SHA1 f2706ceb7d06db29d3ccd657585a9aa0db762010
SHA256 66eb8301d94c2493c0ade5087425b33b92adb2cd4426be120b644c2a00c282b2
ssdeep
96:fVYlLGHfaScdtUK178pfPaKvJs7gbW7AJ9MlczaZVsjgligoqjOAX42dTymgmt9T:NKLG/a61Sce7tA4s8rE2dT+mtZ

File size 5.5 KB ( 5638 bytes )
File type PDF
Magic literal
PDF document, version 1.3

TrID Adobe Portable Document Format (100.0%)
Tags
exploit invalid-xref pdf acroform file-embedded cve-2010-0188

VirusTotal metadata
First submission 2013-01-24 01:32:17 UTC ( 4 years, 6 months ago )
Last submission 2014-05-08 10:47:37 UTC ( 3 years, 3 months ago )
File names test.pdf
test.pdf_
zyzoom.pdf
1.test
ExifTool file metadata
MIMEType
application/pdf

FileCreateDate
2014:05:08 11:46:32+01:00

FileType
PDF

Linearized
No

FileAccessDate
2014:05:08 11:46:32+01:00

Warning
Error reading xref table

PDFVersion
1.3

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!