× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a9007903f4eabc2e3a63382eb107287b6e279d8b8497cd973730213fabb2ab49
File name: rj65fBrBw38.pdf
Detection ratio: 3 / 48
Analysis date: 2013-10-10 12:04:09 UTC ( 6 months, 1 week ago ) View latest
Antivirus Result Update
McAfee-GW-Edition Heuristic.BehavesLike.PDF.Exploit-CRT.F 20131010
NANO-Antivirus Exploit.Script.Heuristic-pdf.gutws 20131009
TrendMicro HEUR_PDFJS.STREM 20131010
AVG 20131010
Agnitum 20131009
AhnLab-V3 20131009
AntiVir 20131010
Antiy-AVL 20131010
Avast 20131010
Baidu-International 20131010
BitDefender 20131010
Bkav 20131008
ByteHero 20131007
CAT-QuickHeal 20131010
ClamAV 20131010
Commtouch 20131010
Comodo 20131010
DrWeb 20131010
ESET-NOD32 20131010
Emsisoft 20131010
F-Prot 20131010
F-Secure 20131010
Fortinet 20131010
GData 20131010
Ikarus 20131010
Jiangmin 20130903
K7AntiVirus 20131009
K7GW 20131009
Kaspersky 20131010
Kingsoft 20130829
Malwarebytes 20131010
McAfee 20131010
MicroWorld-eScan 20131010
Microsoft 20131010
Norman 20131010
PCTools 20131002
Panda 20131010
Rising 20131010
SUPERAntiSpyware 20131010
Sophos 20131010
Symantec 20131010
TheHacker 20131010
TotalDefense 20131009
TrendMicro-HouseCall 20131010
VBA32 20131009
VIPRE 20131010
ViRobot 20131010
nProtect 20131010
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.6.
PDFiD information
This PDF document has an invalid cross reference table.
This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
This PDF document has 3 pages, please note that most malicious PDFs have only one page.
This PDF document has 17 object start declarations and 16 object end declarations.
This PDF document has 4 stream object start declarations and 4 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

FileCreateDate
2013:12:12 15:36:59+01:00

FileType
PDF

Linearized
No

FileAccessDate
2013:12:12 15:36:59+01:00

Warning
Invalid xref table

PDFVersion
1.6

File identification
MD5 77cd239509c0c5ca6f52c38a23b505f3
SHA1 8776da15cb67bfcaf14efcf23b67378924bb4eac
SHA256 a9007903f4eabc2e3a63382eb107287b6e279d8b8497cd973730213fabb2ab49
ssdeep
192:SuAFPi6l+V9ZYK3T43si9cdVcLFUZaXa2az1ZN4aueIODBY4NAFzt/sxwc:SZFq6l+VAK3TPRvLZaXa2az1QaWODBpt

File size 9.6 KB ( 9788 bytes )
File type PDF
Magic literal
PDF document, version 1.6

TrID Adobe Portable Document Format (100.0%)
Tags
pdf exploit acroform cve-2010-0188 invalid-xref

VirusTotal metadata
First submission 2013-10-10 12:04:09 UTC ( 6 months, 1 week ago )
Last submission 2013-10-11 05:44:29 UTC ( 6 months ago )
File names rj65fBrBw38.pdf
vti-rescan
8776da15cb67bfcaf14efcf23b67378924bb4eac
ExifTool file metadata
MIMEType
application/pdf

FileCreateDate
2013:12:12 15:36:59+01:00

FileType
PDF

Linearized
No

FileAccessDate
2013:12:12 15:36:59+01:00

Warning
Invalid xref table

PDFVersion
1.6

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!