× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b2b42576b9f77a97a3f647fbfdbb2533672a51d417a9f9a8ae15d194899feaf8
File name: b2b42576b9f77a97a3f647fbfdbb2533672a51d417a9f9a8ae15d194899feaf8....
Detection ratio: 39 / 55
Analysis date: 2016-11-21 16:09:55 UTC ( 6 months ago )
Antivirus Result Update
Ad-Aware Trojan.Doc.Agent.H 20161121
AegisLab Troj.Downloader.PDF.Agent.aw!c 20161121
AhnLab-V3 PDF/Dropper 20161121
ALYac Trojan.Doc.Agent.H 20161121
Arcabit Trojan.Doc.Agent.H 20161121
Avast VBA:Downloader-KN [Trj] 20161121
AVG W97M/Generic 20161121
Avira (no cloud) PDF/Agent.aw 20161121
AVware Trojan.PDF.Generic.a (v) 20161121
Baidu Multi.Threats.InArchive 20161121
BitDefender Trojan.Doc.Agent.H 20161121
CAT-QuickHeal PDF.Dropper.C 20161121
Comodo UnclassifiedMalware 20161121
Cyren PP97M/Donoff 20161121
DrWeb W97M.DownLoader.553 20161121
Emsisoft Trojan.Doc.Agent.H (B) 20161121
ESET-NOD32 PDF/TrojanDropper.Agent.B 20161121
F-Prot New or modified PP97M/Donoff 20161121
F-Secure Trojan.Doc.Agent.H 20161121
Fortinet WM/Agent.BJC!tr.dldr 20161121
GData Trojan.Doc.Agent.H 20161121
Ikarus Trojan-Dropper.PDF.Agent 20161121
K7AntiVirus Trojan ( 0001140e1 ) 20161121
K7GW Trojan ( 0001140e1 ) 20161121
Kaspersky Trojan-Downloader.PDF.Agent.aw 20161121
McAfee Downloader-FAXN!0C044FD59CC6 20161121
McAfee-GW-Edition BehavesLike.PDF.Suspicious.pb 20161121
Microsoft TrojanDownloader:O97M/Donoff 20161121
eScan Trojan.Doc.Agent.H 20161121
NANO-Antivirus Trojan.Script.PDF.dzxkwm 20161121
Panda W97M/Downloader 20161121
Qihoo-360 heur.macro.encodefeature.d 20161121
Rising Exploit.Generic!8.3E1-S8LaMm0xhdT (cloud) 20161121
Sophos Troj/DocDl-XI 20161121
Symantec W97M.Downloader 20161121
Tencent OLE.Win32.Macro.700322 20161121
TrendMicro W2KM_DRIDEX.XCV 20161121
TrendMicro-HouseCall W2KM_DRIDEX.XCV 20161121
VIPRE Trojan.PDF.Generic.a (v) 20161121
Alibaba 20161121
Antiy-AVL 20161121
Bkav 20161121
ClamAV 20161121
CMC 20161121
CrowdStrike Falcon (ML) 20161024
Invincea 20161018
Jiangmin 20161121
Kingsoft 20161121
Malwarebytes 20161121
nProtect 20161121
SUPERAntiSpyware 20161121
TheHacker 20161117
TotalDefense 20161121
Trustlook 20161121
VBA32 20161121
ViRobot 20161121
Yandex 20161121
Zillya 20161121
Zoner 20161121
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.4.
PDFiD information
This PDF file contains 3 JavaScript blocks. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF.
This PDF document has 1 page, please note that most malicious PDFs have only one page.
This PDF document has 12 object start declarations and 12 object end declarations.
This PDF document has 2 stream object start declarations and 2 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2015:08:11 10:50:28+03:00

Producer
iTextSharp 5.5.5 2000-2014 iText Group NV (AGPL-version)

PageCount
1

FileType
PDF

Linearized
No

FileTypeExtension
pdf

PDFVersion
1.4

CreateDate
2015:08:11 10:50:28+03:00

File identification
MD5 0c044fd59cc6ccc28a48937bc69cc0c4
SHA1 c7fc6056db86e72baf40dd175c7e7cd6ea407c29
SHA256 b2b42576b9f77a97a3f647fbfdbb2533672a51d417a9f9a8ae15d194899feaf8
ssdeep
768:tED8t70JTXSUFZCioKZerMU4qBxRavYqsV3vb08o6yO0RWodVxN24XrIEp4Nyg:6DjCioKe74Mxgvu3483yO0RWE42rzg

File size 43.2 KB ( 44249 bytes )
File type PDF
Magic literal
PDF document, version 1.4

TrID Adobe Portable Document Format (100.0%)
Tags
pdf file-embedded attachment js-embedded

VirusTotal metadata
First submission 2015-08-11 08:16:29 UTC ( 1 year, 9 months ago )
Last submission 2016-04-08 15:21:56 UTC ( 1 year, 1 month ago )
File names DirectDebit Invoice_5262307_011220140151449702826.pdf
Shipping Labels (938854744923).pdf
dba480dad51f3da2ad9774f8c551216c
Shipping Labels (938854744923).pdf
61d849d2853569a5b7ed89d4ff362c9e
b2b42576b9f77a97a3f647fbfdbb2533672a51d417a9f9a8ae15d194899feaf8.pdf.000
Shipping Labels (938854744923).pdf.pdf
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2015:08:11 10:50:28+03:00

Producer
iTextSharp 5.5.5 2000-2014 iText Group NV (AGPL-version)

PageCount
1

FileType
PDF

Linearized
No

FileTypeExtension
pdf

PDFVersion
1.4

CreateDate
2015:08:11 10:50:28+03:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!