PDFExaminer


Recent PDF malware detections. This list is delayed 2 weeks. +Submit one

MD5filenamesizeseverityjsflashembedencrypt
084cc7ecb27f84459cc2189082d602b1 view report 4bf2660e286049cc15a72756bcbc2fc6dfbc7e4d9b5087de8742b67f183d844b 47327 26 J      
10.0@1010: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
12.0@41442: suspicious.obfuscation using unescape
12.0@41442: suspicious.obfuscation using substring
12.0@41442: suspicious.string heap spray shellcode
12.0@41442: suspicious.string shellcode
12.0@41442: suspicious.warning: object contains JavaScript
01360a51d0756c70efa3a8eaf942ab90 view report 649d4545daa71704cde3eb17b5c48739645b147de76c26cd8f9775bf3fac32e5 45898 26 J      
10.0@992: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
12.0@41426: suspicious.obfuscation using unescape
12.0@41426: suspicious.obfuscation using substring
12.0@41426: suspicious.string heap spray shellcode
12.0@41426: suspicious.string shellcode
12.0@41426: suspicious.warning: object contains JavaScript
8430f5d927a93451bc2a05ee56f4f89d view report fcb2b19261558c842d55e92c246360765a25e8e4f903c52e10636bf98cbca0da 45802 29 J      
10.0@760: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
12.0@41146: suspicious.obfuscation using unescape
12.0@41146: suspicious.obfuscation using substring
12.0@41146: suspicious.string Shellcode NOP sled
12.0@41146: suspicious.string heap spray shellcode
12.0@41146: suspicious.string shellcode
12.0@41146: suspicious.warning: object contains JavaScript
8531a183eadab93422edc20896406645 view report 65f32991252a9008129ee593482d915b784997a1eddf64e1ba4de3e360516e20 49860 17 J      
10.0@758: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
12.0@37893: suspicious.obfuscation using String.replace
12.0@37893: suspicious.warning: object contains JavaScript
17.0@39451: suspicious.string nopblock
17.0@39451: suspicious.obfuscation using String.replace
17.0@39451: suspicious.string -shellcode-
76b2e234e8b2d344e1b11f4ff0a3b370 view report 8f00d3d54ebc73c4c1fcdb5013440d6775f1cd21ad86ec376fc0da4569108613 47438 26 J     E
10.0@859: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
12.0@41273: suspicious.obfuscation using unescape
12.0@41273: suspicious.obfuscation using substring
12.0@41273: suspicious.string heap spray shellcode
12.0@41273: suspicious.string shellcode
12.0@41273: suspicious.warning: object contains JavaScript
ac342fda76ff4e41b23f6147544a43c6 view report de30552ca136ee5ed234862d7497cf78e5e04458aa8d64a89f750eba18aeb69f 46559 26 J      
10.0@1006: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
12.0@41433: suspicious.obfuscation using unescape
12.0@41433: suspicious.obfuscation using substring
12.0@41433: suspicious.string heap spray shellcode
12.0@41433: suspicious.string shellcode
12.0@41433: suspicious.warning: object contains JavaScript
609c17b0b75ab3ea0d8075460c538ba8 view report a50c19966864fe025bb6e5757b2988079e215a43bc0e87c6cbb81c84d1f8445c 15092 17 J      
1.0@5229: suspicious.obfuscation using unescape
1.0@5229: suspicious.javascript in XFA block
1.0@5229: suspicious.obfuscation using substr
1.0@5229: suspicious.warning: object contains JavaScript
cf039fa6ccc9046b4d95a9a335bbd7f0 view report 8f3d0a1ad78326d9d9cee4b1bf4b90c34d8cdbbab37492fb0ddf00807010e826 5695 88 J      
5.0@364: suspicious.obfuscation using unescape
5.0@364: suspicious.obfuscation using substring
5.0@364: suspicious.string -HeapSpray-
5.0@364: suspicious.string -shellcode-
5.0@364: pdf.exploit ToolButton use-after-free CVE-2013-3346
5.0@364: pdf.exploit ToolButton use-after-free CVE-2013-3446
5.0@364: suspicious.javascript addToolButton
5.0@364: suspicious.warning: object contains JavaScript
cve_2013_3346
2cd4ce4e05b4b6c47a019f57958bf13b view report 37604ffb1647461dd6a0d230f2456e15d3b903cac505622061c0cc142f1b3035 11901 95   F    
20.0@3330: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
20.0@3330: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
26.0@4789: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
26.0@4789: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
35.0@6271: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
49.0@9014: suspicious.flash Adobe Shockwave Flash in a PDF define obj type
50.0@9568: suspicious.flash Embedded Flash
466da293089accaaed456572a50ad9e6 view report 097da15b662ce84610daf1d29bc566a2362bd2094073993cd7347a5f92464140 6334 90        
26.0@1162: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
26.0@1162: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
35.0@2191: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
68.0@3618: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
68.0@3618: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
5d121920c7e0d297433f65939b178517 view report b0d7c46e1dd17841180f3d07fcaffd90e0df72f2ea76b8e92db2120597ea4d8d 8552 94        
12.0@1618: suspicious.flash Embedded Flash define obj
20.0@4185: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
20.0@4185: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
26.0@5645: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
26.0@5645: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
35.0@7128: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
7f517458f245d2a6b700a663750aefb8 view report 2c99b9ccb75bdb7ca4213ffba2a2de5c3f8dc8b88c2f1cd5190e75e686334d1f 183342 80        
58.0@14730: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
58.0@14730: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
59.0@98259: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
59.0@98259: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
794253599eceb2fde9d308caf3fea139 view report a7c9821da5d7bd54d0784f7f9e1166b015cd33ceca791986f4f051085eed334f 183577 80        
58.0@14730: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
58.0@14730: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
59.0@98381: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
59.0@98381: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
8949fdee27192445183e3dca41f1a56f view report e759227edee1ddc9bff5f405f07cd4245d881745b6c3b3fc06ae90b8c789fd46 49959 40        
59.0@8571: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
59.0@8571: pdf.exploit fontfile SING table overflow CVE-2010-2883 A
17de557efb365a35c6c09a7f61a7db30 view report e2e3fef0b8cd9871fc526e8f53cbaddfcc23cf6b50dbc6afb5bcb594104ddcb2 50079 40        
59.0@8691: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic
59.0@8691: pdf.exploit fontfile SING table overflow CVE-2010-2883 A