× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d313a689f1528d8f427b9ed22be6e8188e412b1736ba3994c6512da8fe2a8d3f
File name: 6cc2a162e08836f7d50d461a9fc136fe
Detection ratio: 22 / 49
Analysis date: 2014-03-15 21:59:26 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Ad-Aware Exploit.PDF-TTF.Gen 20140315
AhnLab-V3 PDF/Exploit 20140315
AntiVir EXP/Pidief.hay 20140315
Avast JS:Pdfka-MX [Expl] 20140315
AVG Exploit_c.QTW 20140314
BitDefender Exploit.PDF-TTF.Gen 20140315
Bkav MW.Clod6cc.Trojan.2a16 20140315
DrWeb Exploit.PDF.1717 20140315
Emsisoft Exploit.PDF-TTF.Gen (B) 20140315
F-Secure Exploit.PDF-TTF.Gen 20140315
GData Exploit.PDF-TTF.Gen 20140315
Ikarus Exploit.JS.Pdfka 20140315
Kaspersky Exploit.JS.Pdfka.cyy 20140315
McAfee Artemis!6CC2A162E088 20140315
eScan Exploit.PDF-TTF.Gen 20140315
NANO-Antivirus Trojan.Script.PdfKa.bjryo 20140315
Norman Pdfjsc.BX 20140315
nProtect Trojan.PDF-JS.Gen 20140315
Rising PDF:Attention.APT-Bait.OddDocument/RDM!5.38 20140315
Sophos AV Troj/PDFJs-WT 20140315
Symantec Trojan.Gen.2 20140315
TrendMicro EXPL_EXECOD.A 20140315
Yandex 20140313
Antiy-AVL 20140315
Baidu-International 20140315
ByteHero 20140315
CAT-QuickHeal 20140315
ClamAV 20140315
CMC 20140313
Commtouch 20140315
Comodo 20140315
ESET-NOD32 20140315
F-Prot 20140315
Fortinet 20140315
Jiangmin 20140315
K7AntiVirus 20140314
K7GW 20140314
Kingsoft 20140315
Malwarebytes 20140315
McAfee-GW-Edition 20140315
Microsoft 20140315
Panda 20140315
Qihoo-360 20140302
SUPERAntiSpyware 20140315
TheHacker 20140314
TotalDefense 20140315
TrendMicro-HouseCall 20140315
VBA32 20140314
VIPRE 20140315
ViRobot 20140315
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.3.
PDFiD information
This PDF file contains 5 JavaScript blocks. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
This PDF file contains an open action to be performed when the document is viewed. Malicious PDF documents with JavaScript very often use open actions to launch the JavaScript without user interaction.
The combination of automatic actions and JavaScript makes this PDF document suspicious.
This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
This PDF document has 4 pages, please note that most malicious PDFs have only one page.
This PDF document has 28 object start declarations and 27 object end declarations.
This PDF document has 10 stream object start declarations and 10 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

PDFVersion
1.3

FileType
PDF

Linearized
No

FileAccessDate
2014:03:15 23:00:06+01:00

Warning
Error reading xref table

FileCreateDate
2014:03:15 23:00:06+01:00

File identification
MD5 6cc2a162e08836f7d50d461a9fc136fe
SHA1 a3caae91440608ffe3dcb4872c9830ad835dd036
SHA256 d313a689f1528d8f427b9ed22be6e8188e412b1736ba3994c6512da8fe2a8d3f
ssdeep
768:6MpugcvLtrSu8prfYZhJYn0HObHhJM7GC:91pbAObvMT

File size 36.4 KB ( 37290 bytes )
File type PDF
Magic literal
PDF document, version 1.3

TrID Adobe Portable Document Format (100.0%)
Tags
invalid-xref acroform js-embedded autoaction pdf

VirusTotal metadata
First submission 2010-10-18 18:07:52 UTC ( 7 years ago )
Last submission 2014-03-15 21:59:26 UTC ( 3 years, 7 months ago )
File names aa
6cc2a162e08836f7d50d461a9fc136fe
1uKJ.ocx
6CC2A162E08836F7D50D461A9FC136FE
test1.pdf
ZICQSd.rtf
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

ExifTool file metadata
MIMEType
application/pdf

PDFVersion
1.3

FileType
PDF

Linearized
No

FileAccessDate
2014:03:15 23:00:06+01:00

Warning
Error reading xref table

FileCreateDate
2014:03:15 23:00:06+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!