× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 508608f460aa9af69a3d2ddffbff27e6bb4e3b5d520ddd42dd5748feb0fb8693
File name: 40-6347.pdf
Detection ratio: 19 / 55
Analysis date: 2017-05-23 14:25:27 UTC ( 5 months ago ) View latest
Antivirus Result Update
AegisLab Exploit.Spamdocmacro.Gen!c 20170523
AhnLab-V3 PDF/Expod.Gen 20170523
Antiy-AVL Trojan[Downloader]/MSOffice.Agent.ab 20170523
Arcabit Exploit.SpamDocMacro.Gen 20170523
BitDefender Exploit.SpamDocMacro.Gen 20170523
CAT-QuickHeal O97M.Downloader.AJK 20170523
Emsisoft Exploit.SpamDocMacro.Gen (B) 20170523
F-Secure Exploit.SpamDocMacro.Gen 20170523
GData Exploit.SpamDocMacro.Gen 20170523
Ikarus Trojan-Downloader.VBA.Jaff 20170523
McAfee Artemis!3F07EE18D6A3 20170523
McAfee-GW-Edition W97M/Downloader.bze 20170523
eScan Exploit.SpamDocMacro.Gen 20170523
NANO-Antivirus Trojan.Ole2.Vbs-heuristic.druvzi 20170523
Panda O97M/Downloader 20170522
Qihoo-360 virus.office.obfuscated.1 20170523
Rising Heur.Macro.Downloader.d (cloud:dB0otW3GmoL) 20170523
TrendMicro HEUR_VBA.O2 20170523
ZoneAlarm by Check Point HEUR:Trojan-Downloader.Script.Generic 20170523
Ad-Aware 20170523
Alibaba 20170523
ALYac 20170523
Avast 20170523
AVG 20170523
Avira (no cloud) 20170523
AVware 20170523
Bkav 20170523
ClamAV 20170523
CMC 20170523
Comodo 20170523
CrowdStrike Falcon (ML) 20170130
Cyren 20170523
DrWeb 20170523
Endgame 20170515
ESET-NOD32 20170523
F-Prot 20170523
Fortinet 20170523
Sophos ML 20170519
Jiangmin 20170523
K7AntiVirus 20170523
K7GW 20170523
Kaspersky 20170523
Kingsoft 20170523
Malwarebytes 20170523
Microsoft 20170523
nProtect 20170523
Palo Alto Networks (Known Signatures) 20170523
SentinelOne (Static ML) 20170516
Sophos AV 20170523
SUPERAntiSpyware 20170523
Symantec 20170523
Symantec Mobile Insight 20170523
Tencent 20170523
TheHacker 20170522
TrendMicro-HouseCall 20170523
Trustlook 20170523
VBA32 20170523
VIPRE 20170523
ViRobot 20170523
Webroot 20170523
WhiteArmor 20170517
Yandex 20170518
Zillya 20170523
Zoner 20170523
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.4.
PDFiD information
This PDF file contains 23 JavaScript blocks. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
This PDF file contains an open action to be performed when the document is viewed. Malicious PDF documents with JavaScript very often use open actions to launch the JavaScript without user interaction.
The combination of automatic actions and JavaScript makes this PDF document suspicious.
This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF.
This PDF document has 1 page, please note that most malicious PDFs have only one page.
This PDF document has 36 object start declarations and 36 object end declarations.
This PDF document has 9 stream object start declarations and 9 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2017:05:23 13:08:51+03:00

Producer
iTextSharp 5.5.10 2000-2016 iText Group NV (AGPL-version)

PageCount
1

FileType
PDF

Linearized
No

FileTypeExtension
pdf

PDFVersion
1.4

CreateDate
2017:05:23 13:08:51+03:00

Compressed bundles
File identification
MD5 3f07ee18d6a3dbf1e2aa01d4920a9cac
SHA1 13b72bee0e1b68c45fdf8cf957c947223d5f49c9
SHA256 508608f460aa9af69a3d2ddffbff27e6bb4e3b5d520ddd42dd5748feb0fb8693
ssdeep
1536:Y0zK4EIjkbNRcuHlJ2JvaGqVAGuD276Jcp1Bjk+9c07Onjfhq:N24E6kbvcuFSyAGmc6qTxOnrhq

File size 60.7 KB ( 62186 bytes )
File type PDF
Magic literal
PDF document, version 1.4

TrID Adobe Portable Document Format (100.0%)
Tags
pdf js-embedded file-embedded autoaction attachment

VirusTotal metadata
First submission 2017-05-23 13:23:35 UTC ( 5 months ago )
Last submission 2017-06-02 13:14:15 UTC ( 4 months, 3 weeks ago )
File names 40-6347.pdf
508608f460aa9af69a3d2ddffbff27e6bb4e3b5d520ddd42dd5748feb0fb8693.bin
51-2935.pdf
13b2532deb259ad4842403134bce83c87b7c6b92
33-9489.pdf
__substg1.0_37010102
72-0083.pdf
98-0885.pdf
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2017:05:23 13:08:51+03:00

Producer
iTextSharp 5.5.10 2000-2016 iText Group NV (AGPL-version)

PageCount
1

FileType
PDF

Linearized
No

FileTypeExtension
pdf

PDFVersion
1.4

CreateDate
2017:05:23 13:08:51+03:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!