× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ff12998983a0a3a753aa808b3d635ddafaf555fb18e4b7fcc35b9087cc6b534f
File name: Kindle.pdf
Detection ratio: 26 / 46
Analysis date: 2013-05-07 23:12:26 UTC ( 11 months, 2 weeks ago )
Antivirus Result Update
AVG Exploit_c.XFU 20130508
AntiVir EXP/Pidief.egs 20130508
Avast JS:Pdfka-gen [Expl] 20130508
BitDefender PDF:Exploit.PDF-JS.ZB 20130508
Commtouch JS/Pdfka.KO 20130507
Comodo Exploit.JS.Pdfka.QV 20130507
DrWeb Exploit.PDF.4652 20130508
ESET-NOD32 JS/Exploit.Pdfka.QEV 20130507
Emsisoft PDF:Exploit.PDF-JS.ZB (B) 20130508
F-Prot JS/Pdfka.KO 20130507
F-Secure PDF:Exploit.PDF-JS.ZB 20130507
Fortinet PDF/Pdfka.QEV!tr 20130508
GData PDF:Exploit.PDF-JS.ZB 20130508
Ikarus Exploit.Win32.CVE-2010-0188 20130507
Kaspersky HEUR:Exploit.Script.Generic 20130507
McAfee PDF/Blacole-FHJ!53C90140FDE5 20130508
McAfee-GW-Edition PDF/Blacole-FHJ!53C90140FDE5 20130507
MicroWorld-eScan PDF:Exploit.PDF-JS.ZB 20130508
Microsoft Exploit:Win32/CVE-2010-0188 20130508
NANO-Antivirus Exploit.Script.Pdfka.btvxj 20130507
Norman CVE_2010_0188.JS 20130507
Sophos Troj/PDFEx-GX 20130508
TrendMicro TROJ_PIDIEF.SMAL 20130508
TrendMicro-HouseCall TROJ_PIDIEF.SMAL 20130507
VIPRE Exploit.AdobeReader.gen (v) 20130508
nProtect PDF:Exploit.PDF-JS.ZB 20130507
Agnitum 20130507
AhnLab-V3 20130507
Antiy-AVL 20130507
ByteHero 20130425
CAT-QuickHeal 20130506
ClamAV 20130507
Jiangmin 20130507
K7AntiVirus 20130506
K7GW 20130506
Kingsoft 20130506
Malwarebytes 20130507
PCTools 20130507
Panda 20130507
SUPERAntiSpyware 20130508
Symantec 20130507
TheHacker 20130507
TotalDefense 20130507
VBA32 20130507
ViRobot 20130507
eSafe 20130501
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.6.
PDFiD information
This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF.
This PDF document has an invalid cross reference table.
This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
This PDF document has 2 pages, please note that most malicious PDFs have only one page.
This PDF document has 26 object start declarations and 26 object end declarations.
This PDF document has 12 stream object start declarations and 12 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

PDFVersion
1.6

FileType
PDF

Linearized
No

FileAccessDate
2013:05:08 00:12:55+01:00

Warning
Invalid xref table

FileCreateDate
2013:05:08 00:12:55+01:00

File identification
MD5 53c90140fde593713efe6298547ff205
SHA1 995717ddfd5862cc73e8469e5b406177a15c5402
SHA256 ff12998983a0a3a753aa808b3d635ddafaf555fb18e4b7fcc35b9087cc6b534f
ssdeep
192:HhZjYnwAO9Gw/vqvQNi/60un/TILpNgqF0YTZGpDs62XYsDAentjGz0Z:HhZEwAO9GUUQi/60G7IdNgqFto5srHRP

File size 9.6 KB ( 9798 bytes )
File type PDF
Magic literal
PDF document, version 1.6

TrID Adobe Portable Document Format (100.0%)
Tags
exploit pdf invalid-xref acroform file-embedded cve-2010-0188

VirusTotal metadata
First submission 2013-05-07 23:12:26 UTC ( 11 months, 2 weeks ago )
Last submission 2013-05-07 23:12:26 UTC ( 11 months, 2 weeks ago )
File names Kindle.pdf
ExifTool file metadata
MIMEType
application/pdf

PDFVersion
1.6

FileType
PDF

Linearized
No

FileAccessDate
2013:05:08 00:12:55+01:00

Warning
Invalid xref table

FileCreateDate
2013:05:08 00:12:55+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!