× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d9a96d193f63cefb3380ed5a7ec10e401dd46ca0d9e11a6a019574e058c89fcc
File name: A4 Inv_Crd 311487.pdf
Detection ratio: 23 / 56
Analysis date: 2017-06-06 08:43:19 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
AhnLab-V3 PDF/Expod.Gen 20170605
Avast Other:Malware-gen [Trj] 20170606
Avira (no cloud) W97M/Agent.7510415 20170606
CAT-QuickHeal JS.Nemucod.DQO 20170606
Cyren PP97M/Downldr 20170606
DrWeb W97M.DownLoader.1772 20170606
ESET-NOD32 PDF/TrojanDropper.Agent.AI 20170606
F-Prot New or modified PP97M/Downldr 20170606
F-Secure Trojan-Dropper:JS/PdfDropper.A 20170606
Fortinet PDF/Agent.F40B!tr.dldr 20170606
GData PDF.Trojan.Agent.5FOX40 20170606
Kaspersky HEUR:Trojan-Downloader.Script.Generic 20170606
McAfee Artemis!AAA7A53DE29D 20170606
McAfee-GW-Edition Artemis 20170605
Microsoft TrojanDownloader:O97M/Donoff 20170606
Panda O97M/Downloader 20170605
Qihoo-360 virus.office.obfuscated.1 20170606
Rising Downloader.Generic!8.141 (cloud:Ndc2Zy8mFON) 20170606
Sophos AV Troj/PDFDoc-K 20170606
Symantec Trojan.Pidief 20170606
TrendMicro PDF_DOCDROP.YYTAJ 20170606
TrendMicro-HouseCall PDF_DOCDROP.YYTAJ 20170606
ZoneAlarm by Check Point HEUR:Trojan-Downloader.Script.Generic 20170606
Ad-Aware 20170606
AegisLab 20170606
Alibaba 20170606
ALYac 20170606
Antiy-AVL 20170606
Arcabit 20170606
AVG 20170606
AVware 20170606
Baidu 20170601
BitDefender 20170606
Bkav 20170605
ClamAV 20170605
CMC 20170606
Comodo 20170606
CrowdStrike Falcon (ML) 20170420
Emsisoft 20170606
Endgame 20170515
Ikarus 20170606
Sophos ML 20170604
Jiangmin 20170606
K7AntiVirus 20170606
K7GW 20170606
Kingsoft 20170606
Malwarebytes 20170606
eScan 20170606
NANO-Antivirus 20170606
nProtect 20170606
Palo Alto Networks (Known Signatures) 20170606
SentinelOne (Static ML) 20170516
SUPERAntiSpyware 20170606
Symantec Mobile Insight 20170605
Tencent 20170606
TheHacker 20170605
Trustlook 20170606
VBA32 20170605
VIPRE 20170606
ViRobot 20170606
Webroot 20170606
WhiteArmor 20170601
Yandex 20170606
Zillya 20170605
Zoner 20170606
The file being studied is a PDF document! The document's header reveals it is using the following file format specification: %PDF-1.4.
PDFiD information
This PDF file contains 2 JavaScript blocks. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
This PDF file contains an open action to be performed when the document is viewed. Malicious PDF documents with JavaScript very often use open actions to launch the JavaScript without user interaction.
The combination of automatic actions and JavaScript makes this PDF document suspicious.
This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF.
This PDF document has 1 page, please note that most malicious PDFs have only one page.
This PDF document has 12 object start declarations and 12 object end declarations.
This PDF document has 4 stream object start declarations and 4 stream object end declarations.
This PDF document has a cross reference table (xref).
This PDF document has a pointer to the cross reference table (startxref).
This PDF document has a trailer dictionary containing entries allowing the cross reference table, and thus the file objects, to be read.
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2017:06:05 11:43:50+03:00

Producer
iTextSharp 5.5.10 2000-2016 iText Group NV (AGPL-version)

PageCount
1

FileType
PDF

Linearized
No

FileTypeExtension
pdf

PDFVersion
1.4

CreateDate
2017:06:05 11:43:50+03:00

File identification
MD5 aaa7a53de29dc9cd175c1b6cfad897d1
SHA1 76f9512f840e32930763afa3ce013a8459b0f255
SHA256 d9a96d193f63cefb3380ed5a7ec10e401dd46ca0d9e11a6a019574e058c89fcc
ssdeep
1536:dPCMlY1AMZ1bkeMey7y0dlQd+B79ak7CM+/C/lJXtD4Z:dPCMlY1N1bieAy2X7r7CL/C/l34Z

File size 67.7 KB ( 69289 bytes )
File type PDF
Magic literal
PDF document, version 1.4

TrID Adobe Portable Document Format (100.0%)
Tags
pdf js-embedded file-embedded attachment autoaction

VirusTotal metadata
First submission 2017-06-05 09:23:13 UTC ( 1 month, 3 weeks ago )
Last submission 2017-06-06 08:43:19 UTC ( 1 month, 3 weeks ago )
File names A4 Inv_Crd 6698.pdf
A4 Inv_Crd 311487.pdf
A4 Inv_Crd 91511.pdf
A4 Inv_Crd 56238.pdf
A4 Inv_Crd 914605.pdf
ExifTool file metadata
MIMEType
application/pdf

ModifyDate
2017:06:05 11:43:50+03:00

Producer
iTextSharp 5.5.10 2000-2016 iText Group NV (AGPL-version)

PageCount
1

FileType
PDF

Linearized
No

FileTypeExtension
pdf

PDFVersion
1.4

CreateDate
2017:06:05 11:43:50+03:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!