PDFExaminer


Recent PDF malware detections. This list is delayed 2 weeks. +Submit one

MD5filenamesizeseverityjsflashembedencrypt
f908a5e8659c82a1663610d533662869 view report b32deb445b4fa8e54266c6f6a1a78bf60edeadd1b93423262a2f7de74eea0c4d:.pdf: 75560 2        
5.0@1190: suspicious.embedded external content
6.0@1466: suspicious.embedded external content
e5bd8b72ca0e4f8eb7d7f81f3aab2ca8 view report be2c287ff0ae45987fe4caf15800a28091fb3cf047f891526a5182665e1b4c01:.pdf: 75034 2        
5.0@1190: suspicious.embedded external content
6.0@1466: suspicious.embedded external content
318ce3e7f9e63fb2239abbb5de9171ab view report 519af0c505d2f2b0669dbec68cc18803878dd9d30456e0a9b4443e27de6154f4:318ce3e7f9e63fb2239abbb5de9171ab.1: 151084 32 J      
12.0@798: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
13.0@66865: suspicious.obfuscation using unescape
13.0@66865: suspicious.obfuscation using String.fromCharCode
13.0@66865: suspicious.obfuscation using String.replace
13.0@66865: suspicious.warning: object contains JavaScript
002219d3a67933cf3072b3a740d58305 view report 6c393049035623f17d3c763db67025ea0a93b934bd68e4786978f0ef2b79dc39:002219d3a67933cf3072b3a740d58305.1: 13355 17 J      
11.0@4756: suspicious.obfuscation using unescape
11.0@4756: suspicious.javascript in XFA block
11.0@4756: suspicious.obfuscation using String.replace
11.0@4756: suspicious.warning: object contains JavaScript
1b53f791f4e549d0a0e2dea3800eed6f view report 377bc7ff1dca759754179d0fe96b0044c0b35c196b3a096871854fa6d5e13ee3:.pdf: 75560 2        
5.0@1190: suspicious.embedded external content
6.0@1466: suspicious.embedded external content
2d10e9e03ae4a13b62bc2428fcf8daae view report f9fa54182ada3be2eb66941461dd8031b157782b536703fbbd83c42801508b9d:2d10e9e03ae4a13b62bc2428fcf8daae.1: 151084 32 J      
12.0@798: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
13.0@66865: suspicious.obfuscation using unescape
13.0@66865: suspicious.obfuscation using String.fromCharCode
13.0@66865: suspicious.obfuscation using String.replace
13.0@66865: suspicious.warning: object contains JavaScript
01919f4dcec1738518ef028c030a47a4 view report e9f1a7ea819994f94f684f8327c08eb9eece431bfb38972f5d7278352d133336:01919f4dcec1738518ef028c030a47a4.1: 46013 30 J      
10.0@760: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
11.0@41089: suspicious.javascript object
12.0@41146: suspicious.obfuscation using unescape
12.0@41146: suspicious.obfuscation using substring
12.0@41146: suspicious.string Shellcode NOP sled
12.0@41146: suspicious.string heap spray shellcode
12.0@41146: suspicious.string shellcode
12.0@41146: suspicious.warning: object contains JavaScript
305d91bde1ff8d8b3172644b6546a649 view report a2bede28b013b98ac2e8c769c276fa374e3a72435308a6857f2dcbd0d6909777:305d91bde1ff8d8b3172644b6546a649.1: 151084 32 J      
12.0@798: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
13.0@66865: suspicious.obfuscation using unescape
13.0@66865: suspicious.obfuscation using String.fromCharCode
13.0@66865: suspicious.obfuscation using String.replace
13.0@66865: suspicious.warning: object contains JavaScript
3209e5c4f6aecd19ba1bd83121131e87 view report d615f1a96965c8450e5dcdbcdefacd73769d352fcae57d331001fa117b383ca4:3209e5c4f6aecd19ba1bd83121131e87.1: 18301 10 J      
9.0@17669: suspicious.obfuscation using String.fromCharCode
9.0@17669: suspicious.obfuscation getAnnots access blocks
9.0@17669: suspicious.warning: object contains JavaScript
2fdcc9285a69e8935cde02b601119c45 view report e55a92eb44eab3c26859d47abf7959932a2483a2153bda593351480a68a6fe5a:2fdcc9285a69e8935cde02b601119c45.1: 151084 32 J      
12.0@798: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
13.0@66865: suspicious.obfuscation using unescape
13.0@66865: suspicious.obfuscation using String.fromCharCode
13.0@66865: suspicious.obfuscation using String.replace
13.0@66865: suspicious.warning: object contains JavaScript
2f3b7446738c421a98f7b5f433e15175 view report 0603a6d28f60ac029cf313445abc41e76781ca038d34d4d238a2f0522fa75e9d:.pdf: 72919 2        
5.0@1194: suspicious.embedded external content
6.0@1470: suspicious.embedded external content
1ed53a8ff11273abe4de63e4c9221fd4 view report 5a91e0da85b5cd15a66b9d141a01f0dcfa0331a08d96955dff0712e5d3a34d14:1ed53a8ff11273abe4de63e4c9221fd4.1: 39688 122 J      
73.0@78: suspicious.warning: object contains JavaScript
73.0@239: suspicious.warning: object contains JavaScript
73.0@9874: suspicious.obfuscation using unescape
73.0@9874: suspicious.obfuscation using String.replace
73.0@9874: suspicious.obfuscation using substring
73.0@9874: suspicious.warning: object contains JavaScript
74.0@24903: suspicious.obfuscation using substring
74.0@24903: suspicious.warning: object contains JavaScript
75.0@25581: suspicious.warning: object contains JavaScript
67.0@27790: suspicious.flash Embedded Flash define obj
82.0@29266: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
63.0@30771: suspicious.flash Embedded Flash define obj
56.0@32875: suspicious.flash Embedded Flash define obj
92.0@35134: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
92.0@35134: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
93.0@35703: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
93.0@35703: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
324d4d35e45d404f9b23e74549de7d1b view report daa64eb4d5103d485059a93b872baeba3e21ba28a799d074254921d5e92d324c:324d4d35e45d404f9b23e74549de7d1b.1: 148724 123 J      
34.0@65460: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
34.0@65460: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
44.0@138817: suspicious.obfuscation using unescape
44.0@138817: suspicious.obfuscation using charCodeAt
44.0@138817: suspicious.obfuscation toString
44.0@138817: suspicious.obfuscation using substr
44.0@138817: suspicious.obfuscation using String.fromCharCode
44.0@138817: suspicious.obfuscation using substring
44.0@138817: pdf.exploit Collab.getIcon CVE-2009-0927
44.0@138817: pdf.exploit Collab.collectEmailInfo CVE-2008-0655
44.0@138817: suspicious.warning: object contains JavaScript
2c68ad4103f4988aeea532a207e7bcd3 view report 043aacdf8a150637780eaba6cb09ddc44750d518c2dd7c722826274d41e94e4f:2c68ad4103f4988aeea532a207e7bcd3.1: 151084 32 J      
12.0@798: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
13.0@66865: suspicious.obfuscation using unescape
13.0@66865: suspicious.obfuscation using String.fromCharCode
13.0@66865: suspicious.obfuscation using String.replace
13.0@66865: suspicious.warning: object contains JavaScript
340b078f1ecf569bd70fd1d325927425 view report 8aa57fbae661e20ca08d5d98ea88198d33845db702c97a16eb2bea140ada5af1:340b078f1ecf569bd70fd1d325927425.1: 151085 32 J      
12.0@798: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
13.0@66865: suspicious.obfuscation using unescape
13.0@66865: suspicious.obfuscation using String.fromCharCode
13.0@66865: suspicious.obfuscation using String.replace
13.0@66865: suspicious.warning: object contains JavaScript