Malware Tracker Malware Tracker [static + dynamic analysis]

Login

PDFExaminer


Recent PDF malware detections. This list is delayed 2 weeks. +Submit one

MD5filenamesizeseverityjsflashembedencrypt
5d62d2c6d1964431b25472c0bd5340bf view report 95d6ac976a7c480ef6477607de3d7c575c3b1dc8f673ee6458a22f2b3b4053c2 3851752 6 J     E
2384.0@2165: suspicious.warning: object contains JavaScript
1326.0@3828594: suspicious.warning: object contains JavaScript
1327.0@3829409: suspicious.warning: object contains JavaScript
1328.0@3830881: suspicious.warning: object contains JavaScript
1329.0@3831696: suspicious.warning: object contains JavaScript
1339.0@3843612: suspicious.warning: object contains JavaScript
fb48b838b40ae803f4d9d1bea45f75da view report 0666fa252c668ae390c0064f0495d7b1224d7c772db70d6def0004ef838d9563 7148 49 J      
6.0@433: suspicious.obfuscation using unescape
6.0@433: suspicious.obfuscation using substring
6.0@433: pdf.exploit util.printf CVE-2008-2992
6.0@433: suspicious.warning: object contains JavaScript
06da58d1f223d82fe80c8139f3486a32 view report 8fb014ad4a52a5aabc20acc158e9bc1a94dac1697c0c2e365a3782b5e6a72c30 5638 89 J      
5.0@352: suspicious.obfuscation using unescape
5.0@352: suspicious.obfuscation using substring
5.0@352: suspicious.string -HeapSpray-
5.0@352: suspicious.string -shellcode-
5.0@352: pdf.exploit ToolButton use-after-free CVE-2014-0496
5.0@352: suspicious.javascript addToolButton
5.0@352: suspicious.warning: object contains JavaScript
7.0@4983: suspicious.warning: object contains JavaScript
cve_2013_3346
c8ca03b477147127d7a10e91022f3a92 view report 4d0028ea70a39fe665f5c7feb4fed1a9a9e4ebd0aef5c7f1fea46fa0f8b5d0da 397808 62 J      
449.0@59670: suspicious.warning: object contains JavaScript
451.0@64943: suspicious.warning: object contains JavaScript
453.0@70193: suspicious.warning: object contains JavaScript
455.0@74695: suspicious.warning: object contains JavaScript
457.0@80094: suspicious.warning: object contains JavaScript
459.0@85313: suspicious.warning: object contains JavaScript
461.0@90791: suspicious.warning: object contains JavaScript
463.0@96512: suspicious.warning: object contains JavaScript
465.0@101141: suspicious.warning: object contains JavaScript
467.0@105551: suspicious.warning: object contains JavaScript
469.0@109774: suspicious.warning: object contains JavaScript
471.0@115342: suspicious.warning: object contains JavaScript
473.0@120954: suspicious.warning: object contains JavaScript
475.0@126265: suspicious.warning: object contains JavaScript
477.0@130861: suspicious.warning: object contains JavaScript
479.0@135823: suspicious.warning: object contains JavaScript
481.0@141755: suspicious.warning: object contains JavaScript
483.0@146865: suspicious.warning: object contains JavaScript
485.0@151444: suspicious.warning: object contains JavaScript
487.0@156818: suspicious.warning: object contains JavaScript
489.0@161590: suspicious.warning: object contains JavaScript
491.0@165707: suspicious.warning: object contains JavaScript
493.0@171229: suspicious.warning: object contains JavaScript
495.0@176549: suspicious.warning: object contains JavaScript
497.0@181554: suspicious.warning: object contains JavaScript
499.0@186170: suspicious.warning: object contains JavaScript
501.0@192273: suspicious.warning: object contains JavaScript
503.0@198132: suspicious.warning: object contains JavaScript
505.0@204386: suspicious.warning: object contains JavaScript
507.0@210105: suspicious.warning: object contains JavaScript
509.0@215701: suspicious.warning: object contains JavaScript
511.0@220195: suspicious.warning: object contains JavaScript
513.0@226020: suspicious.warning: object contains JavaScript
515.0@231448: suspicious.warning: object contains JavaScript
517.0@236377: suspicious.warning: object contains JavaScript
519.0@241228: suspicious.warning: object contains JavaScript
521.0@246483: suspicious.warning: object contains JavaScript
523.0@251620: suspicious.warning: object contains JavaScript
525.0@256230: suspicious.warning: object contains JavaScript
527.0@261707: suspicious.warning: object contains JavaScript
529.0@266116: suspicious.warning: object contains JavaScript
531.0@270802: suspicious.warning: object contains JavaScript
533.0@275842: suspicious.warning: object contains JavaScript
535.0@280566: suspicious.warning: object contains JavaScript
537.0@287808: suspicious.warning: object contains JavaScript
539.0@293742: suspicious.warning: object contains JavaScript
541.0@300536: suspicious.warning: object contains JavaScript
543.0@306425: suspicious.warning: object contains JavaScript
545.0@311957: suspicious.warning: object contains JavaScript
547.0@316974: suspicious.warning: object contains JavaScript
549.0@321752: suspicious.warning: object contains JavaScript
551.0@326393: suspicious.warning: object contains JavaScript
553.0@331807: suspicious.warning: object contains JavaScript
555.0@337717: suspicious.warning: object contains JavaScript
557.0@343565: suspicious.warning: object contains JavaScript
559.0@348905: suspicious.warning: object contains JavaScript
561.0@353611: suspicious.warning: object contains JavaScript
563.0@359256: suspicious.warning: object contains JavaScript
565.0@364537: suspicious.warning: object contains JavaScript
567.0@370011: suspicious.warning: object contains JavaScript
569.0@375913: suspicious.warning: object contains JavaScript
585.0@382577: suspicious.warning: object contains JavaScript
7ebce24f9c1c02c9333c41d15dc63f3f view report The Seven Principles for Making Marriage Work.pdf 1453443 4 J      
578.0@1429879: suspicious.warning: object contains JavaScript
579.0@1431301: suspicious.warning: object contains JavaScript
586.0@1439778: suspicious.warning: object contains JavaScript
586.0@1446544: suspicious.warning: object contains JavaScript
6cd627950eabdf4ad8263fd484f94bba view report 4b3aa6f61a48c018d9f725da05917a6da5044377e034a66df7ab86a7bd62c791 334006 10 J      
13.0@209358: suspicious.warning: object contains JavaScript
19.0@236175: suspicious.warning: object contains JavaScript
23.0@241402: suspicious.obfuscation using eval
25.0@308638: suspicious.obfuscation using eval
680ea9bdb9e8aa6cd488ffc03712a210 view report 4f79e3bdfc2f9bb5dd2463ddb0b96bf5e1ff91f6311a9d3499a6fa62be3ec51f 334006 10 J      
13.0@209358: suspicious.warning: object contains JavaScript
19.0@236175: suspicious.warning: object contains JavaScript
23.0@241402: suspicious.obfuscation using eval
25.0@308638: suspicious.obfuscation using eval
34d1b55310e104fb31fea8227d17b1a2 view report 5c0803d08b317c5664443520ce87032184095e737e68077a0f338a472b16ad87 334006 10 J      
13.0@209358: suspicious.warning: object contains JavaScript
19.0@236175: suspicious.warning: object contains JavaScript
23.0@241402: suspicious.obfuscation using eval
25.0@308638: suspicious.obfuscation using eval
0dd2f4fe553f3061f40af471c3ced213 view report 0289e5264dac3a569316a36c27078aa65a8df696408a383f201b9f1d7434ec48 334006 10 J      
13.0@209358: suspicious.warning: object contains JavaScript
19.0@236175: suspicious.warning: object contains JavaScript
23.0@241402: suspicious.obfuscation using eval
25.0@308638: suspicious.obfuscation using eval
37cd0066334085244ad7ca48b16d7c03 view report babeec531a9e45d8ef843a57c53ce19f9e676ecf9b72595ddfc2e687ce131783 346183 6 J      
13.0@209545: suspicious.warning: object contains JavaScript
19.0@236362: suspicious.warning: object contains JavaScript
23.0@241589: suspicious.obfuscation using eval
aa1c15e8d4bcdb7fcff8aac770cf5194 view report 008986bb15610e18e91d24226a29fb089a5112da455ebf932bb613a18f176c00 511926 6 J      
15.0@209142: suspicious.warning: object contains JavaScript
21.0@235960: suspicious.warning: object contains JavaScript
25.0@241187: suspicious.obfuscation using eval
38c32a1e82fcec436d6bc89ad4000749 view report 826b85b09973be6f8e96aa34ba2aadbff255939e034d9b09c564ed0da2d2b20a 247622 4 J      
11.0@209742: suspicious.warning: object contains JavaScript
17.0@236559: suspicious.warning: object contains JavaScript
0.0@242816: suspicious.obfuscation using eval
0.0@242816: suspicious.obfuscation using String.fromCharCode
-1.-1@242887: suspicious.warning: end of file contains content
c2ee314d61f324e66958cac6fb7db864 view report fb976711de696d43d280d24adf426b80133ba651bc39f363ab7c0a9703809a53 346183 6 J      
13.0@209545: suspicious.warning: object contains JavaScript
19.0@236362: suspicious.warning: object contains JavaScript
23.0@241589: suspicious.obfuscation using eval
101577a2c87bac17f1581760993b23c3 view report e0438bc1567c1057d4d00cb0f7bb44bb4b4d941bab9aa154ee2e99c79533ac7f 358470 14 J      
15.0@212012: suspicious.warning: object contains JavaScript
21.0@238830: suspicious.warning: object contains JavaScript
25.0@244057: suspicious.obfuscation using eval
26.0@248520: suspicious.obfuscation using eval
27.0@311974: suspicious.obfuscation using eval
2275b52a04b90eb56784cf7492522e94 view report 01a8ff6ae3c610e9a40c4e5b6cce1e71965d581f2898a78a81f7827a7cd97f2a 334006 10 J      
13.0@209358: suspicious.warning: object contains JavaScript
19.0@236175: suspicious.warning: object contains JavaScript
23.0@241402: suspicious.obfuscation using eval
25.0@308638: suspicious.obfuscation using eval