× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9e7d71930975cd28cf3c9ec72be6f154d8f0920e86c5badb621ddd0d99957047
File name: 123-148752488-reg-invoice.pdf
Detection ratio: 10 / 56
Analysis date: 2017-04-19 11:33:07 UTC ( 3 months ago ) View latest
Antivirus Result Update
AegisLab Vba.Gen!c 20170419
Baidu Multi.Threats.InArchive 20170419
ClamAV Doc.Dropper.Dridex-6260340-0 20170419
Fortinet WM/TrojanDownloader.7A51!tr 20170419
Ikarus Win32.Outbreak 20170419
NANO-Antivirus Trojan.Ole2.Vbs-heuristic.druvzi 20170419
Panda O97M/Downloader 20170418
Qihoo-360 virus.office.obfuscated.1 20170419
Rising Heur.Macro.Downloader.d (cloud:UJEmOxwGVqO) 20170419
ZoneAlarm by Check Point HEUR:Trojan-Downloader.Script.Generic 20170419
Ad-Aware 20170419
AhnLab-V3 20170419
Alibaba 20170419
ALYac 20170419
Antiy-AVL 20170419
Arcabit 20170419
Avast 20170419
AVG 20170419
Avira (no cloud) 20170419
AVware 20170419
BitDefender 20170419
Bkav 20170419
CAT-QuickHeal 20170419
CMC 20170419
Comodo 20170419
CrowdStrike Falcon (ML) 20170130
Cyren 20170419
DrWeb 20170419
Emsisoft 20170419
Endgame 20170419
ESET-NOD32 20170419
F-Prot 20170419
F-Secure 20170419
GData 20170419
Sophos ML 20170413
Jiangmin 20170419
K7AntiVirus 20170419
K7GW 20170419
Kaspersky 20170419
Kingsoft 20170419
Malwarebytes 20170419
McAfee 20170419
McAfee-GW-Edition 20170419
Microsoft 20170419
eScan 20170419
nProtect 20170419
Palo Alto Networks (Known Signatures) 20170419
SentinelOne (Static ML) 20170330
Sophos AV 20170419
SUPERAntiSpyware 20170419
Symantec 20170418
Symantec Mobile Insight 20170414
Tencent 20170419
TheHacker 20170419
TrendMicro 20170419
TrendMicro-HouseCall 20170419
Trustlook 20170419
VBA32 20170419
VIPRE 20170419
ViRobot 20170419
Webroot 20170419
WhiteArmor 20170409
Yandex 20170418
Zillya 20170418
Zoner 20170419
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.4.
PDFiD information
This PDF file contains 2 JavaScript blocks. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
This PDF file contains an open action to be performed when the document is viewed. Malicious PDF documents with JavaScript very often use open actions to launch the JavaScript without user interaction.
The combination of automatic actions and JavaScript makes this PDF document suspicious.
This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF.
This PDF document has 1 page, please note that most malicious PDFs have only one page.
This PDF document has 13 object start declarations and 13 object end declarations.
This PDF document has 3 stream object start declarations and 3 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2017:04:18 11:49:09+03:00

Producer
iTextSharp 5.5.10 2000-2016 iText Group NV (AGPL-version)

PageCount
1

FileType
PDF

Linearized
No

FileTypeExtension
pdf

PDFVersion
1.4

CreateDate
2017:04:18 11:49:09+03:00

Compressed bundles
File identification
MD5 98a727a32fee7115d9599b4df9b6b433
SHA1 d4beae82cc7c549b660d510644c5adf677bd5bf1
SHA256 9e7d71930975cd28cf3c9ec72be6f154d8f0920e86c5badb621ddd0d99957047
ssdeep
1536:qk5560NZVX58xUTOrge3j7dcHwIsviVjelTQDoxE4:qdYXSUAi8viNkTQN4

File size 57.4 KB ( 58787 bytes )
File type PDF
Magic literal
PDF document, version 1.4

TrID Adobe Portable Document Format (100.0%)
Tags
pdf file-embedded autoaction js-embedded

VirusTotal metadata
First submission 2017-04-19 11:12:20 UTC ( 3 months ago )
Last submission 2017-05-16 13:27:37 UTC ( 2 months, 1 week ago )
File names ad3c8b71cd16576589737125f75e47d3
Scan_001_7068252888.pdf
123-962851998-reg-invoice.pdf
cba85e5ef9840a48c017fc377d4f3d9f
c3c567983ae835306bf2c5957ca63846
123-298571690-reg-invoice.pdf
56c1f23389031f2ad9fd011660c77141
Scan_0074_3478008490.pdf
123-176965606-reg-invoice.pdf
123-148752488-reg-invoice.pdf
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2017:04:18 11:49:09+03:00

Producer
iTextSharp 5.5.10 2000-2016 iText Group NV (AGPL-version)

PageCount
1

FileType
PDF

Linearized
No

FileTypeExtension
pdf

PDFVersion
1.4

CreateDate
2017:04:18 11:49:09+03:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!