× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9cecf582e0221e0c5103b6bc39835b3ed86e4cd021750ad5015473f6c7bb732e
File name: aef5a0dbc3e52cadb5b5a7cbda743a90
Detection ratio: 2 / 46
Analysis date: 2013-03-05 13:43:05 UTC ( 5 years, 5 months ago ) View latest
Antivirus Result Update
Kaspersky Exploit.JS.CVE-2010-0188.e 20130305
Microsoft Exploit:Win32/CVE-2010-0188 20130305
Yandex 20130305
AhnLab-V3 20130305
AntiVir 20130305
Antiy-AVL 20130305
Avast 20130305
AVG 20130305
BitDefender 20130305
ByteHero 20130304
CAT-QuickHeal 20130305
ClamAV 20130304
Commtouch 20130305
Comodo 20130305
DrWeb 20130305
Emsisoft 20130305
eSafe 20130211
ESET-NOD32 20130305
F-Prot 20130305
F-Secure 20130305
Fortinet 20130305
GData 20130305
Ikarus 20130305
Jiangmin 20130304
K7AntiVirus 20130304
Kingsoft 20130304
Malwarebytes 20130305
McAfee 20130305
McAfee-GW-Edition 20130305
eScan 20130305
NANO-Antivirus 20130305
Norman 20130305
nProtect 20130305
Panda 20130305
PCTools 20130305
Rising 20130305
Sophos AV 20130305
SUPERAntiSpyware 20130305
Symantec 20130305
TheHacker 20130305
TotalDefense 20130305
TrendMicro 20130305
TrendMicro-HouseCall 20130305
VBA32 20130305
VIPRE 20130305
ViRobot 20130305
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.6.
PDFiD information
This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF.
This PDF document has an invalid cross reference table.
This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
This PDF document has 2 pages, please note that most malicious PDFs have only one page.
This PDF document has 26 object start declarations and 26 object end declarations.
This PDF document has 12 stream object start declarations and 12 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

FileCreateDate
2014:03:06 11:00:42+01:00

FileType
PDF

Linearized
No

FileAccessDate
2014:03:06 11:00:42+01:00

Warning
Invalid xref table

PDFVersion
1.6

File identification
MD5 aef5a0dbc3e52cadb5b5a7cbda743a90
SHA1 d0c31d3a8ff39694c194b209fd15a5d80bad933c
SHA256 9cecf582e0221e0c5103b6bc39835b3ed86e4cd021750ad5015473f6c7bb732e
ssdeep
192:KhZjYnwAO9Gw/vqvQNi/60un/TESQu6FHG8QjGj8Z:KhZEwAO9GUUQi/60G7H608QKo

File size 9.4 KB ( 9596 bytes )
File type PDF
Magic literal
PDF document, version 1.6

TrID Adobe Portable Document Format (100.0%)
Tags
exploit pdf invalid-xref acroform file-embedded cve-2010-0188

VirusTotal metadata
First submission 2013-03-05 13:43:05 UTC ( 5 years, 5 months ago )
Last submission 2013-08-26 18:53:17 UTC ( 4 years, 11 months ago )
File names vti-rescan
aef5a0dbc3e52cadb5b5a7cbda743a90
form.pdf
expl-pdf
ExifTool file metadata
MIMEType
application/pdf

FileCreateDate
2014:03:06 11:00:42+01:00

FileType
PDF

Linearized
No

FileAccessDate
2014:03:06 11:00:42+01:00

Warning
Invalid xref table

PDFVersion
1.6

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!