PDFExaminer
Recent PDF malware detections. +Submit one
| MD5 | filename | size | severity | js | flash | embed | encrypt | |
|---|---|---|---|---|---|---|---|---|
| 73e8f3bb63b16e5830528d226fbc9998 view report | 73e8f3bb63b16e5830528d226fbc9998.stream | 36407 | 30 | |||||
31.0@2452: pdf.exploit fontfile SING table overflow CVE-2010-2883 generic | ||||||||
| 0b27937125637ed7c41fd7750e9d0704 view report | 123132.pdfx | 5508 | 12 | J | ||||
8.0@955: suspicious.obfuscation using unescape 8.0@955: suspicious.javascript in XFA block 8.0@955: suspicious.warning: object contains JavaScript | ||||||||
| 51c0b7eaa1c5dd6b17e462a6de9cdd7a view report | 00000790_1.xxx | 23122 | 13 | J | ||||
43.0@14738: suspicious.javascript in XFA block 43.0@14738: suspicious.obfuscation using String.fromCharCode 43.0@14738: suspicious.warning: object contains JavaScript | ||||||||
| 29fc1626c9ce0c46172e05206719f5a9 view report | calcCoolType.pdf | 46620 | 26 | J | ||||
10.0@1038: pdf.exploit fontfile SING table overflow CVE-2010-2883 A 12.0@41497: suspicious.obfuscation using unescape 12.0@41497: suspicious.obfuscation using substring 12.0@41497: suspicious.string heap spray shellcode 12.0@41497: suspicious.string shellcode 12.0@41497: suspicious.warning: object contains JavaScript | ||||||||
| d67b250c0d7f5a82623414109d874de7 view report | 00038086.xxx | 112741 | 19 | J | E | |||
118.0@108175: suspicious.obfuscation using eval 118.0@108175: suspicious.obfuscation using String.fromCharCode 118.0@108175: suspicious.obfuscation using substring 118.0@108175: pdf.suspicious util.printd used to fill buffers 118.0@108175: suspicious.warning: object contains JavaScript | ||||||||
| b34ca19dbccd3552906f810255da7d9f view report | 39d9d2133a1b184063fb7db073ac851f5d0b | 6046 | 17 | J | ||||
8.0@914: suspicious.javascript in XFA block 8.0@914: suspicious.obfuscation using eval 8.0@914: suspicious.obfuscation using String.replace 8.0@914: suspicious.obfuscation using substring 8.0@914: suspicious.warning: object contains JavaScript | ||||||||
| 4411b3f3b7ce78580f5a619aba7accb7 view report | 00038700.xxx | 113447 | 12 | J | ||||
168.0@1137: suspicious.warning: object contains JavaScript 169.0@1615: suspicious.warning: object contains JavaScript 170.0@1962: suspicious.warning: object contains JavaScript 7.0@95037: suspicious.javascript in XFA block 7.0@95037: suspicious.warning: object contains JavaScript | ||||||||
| 07786908ba5ea0838a6e941028651db7 view report | CVE-2010-0188_PDF_07786908BA5EA0838A6E941028651DB7 | 3501 | 16 | J | ||||
5.0@380: shellcode.hash ExitProcess 5.0@380: shellcode.hash LoadLibraryA 5.0@380: shellcode.hash WinExec 5.0@380: shellcode.hash URLDownloadToFileA 5.0@380: suspicious.shellcode NOP Sled 11.0@2847: suspicious.warning: object contains JavaScript | ||||||||
| d4205798f3bb9790bb44b603c79f08dd view report | 00037408.xxx | 42580 | 95 | J | ||||
17.0@2949: suspicious.warning: object contains JavaScript 19.0@3092: suspicious.warning: object contains JavaScript 21.0@3222: suspicious.warning: object contains JavaScript 23.0@3352: suspicious.warning: object contains JavaScript 30.0@4049: suspicious.warning: object contains JavaScript 32.0@4192: suspicious.warning: object contains JavaScript 34.0@4322: suspicious.warning: object contains JavaScript 66.0@6893: suspicious.obfuscation using String.fromCharCode 66.0@6893: suspicious.warning: object contains JavaScript 68.0@7473: suspicious.warning: object contains JavaScript 70.0@10042: suspicious.obfuscation toString 70.0@10042: suspicious.obfuscation using substr 70.0@10042: suspicious.obfuscation using String.replace 70.0@10042: suspicious.warning: object contains JavaScript 72.0@11824: suspicious.obfuscation toString 72.0@11824: suspicious.obfuscation using substr 72.0@11824: suspicious.warning: object contains JavaScript 74.0@12813: suspicious.obfuscation toString 74.0@12813: suspicious.warning: object contains JavaScript 76.0@13283: suspicious.obfuscation toString 76.0@13283: suspicious.obfuscation using String.replace 76.0@13283: suspicious.warning: object contains JavaScript 78.0@17184: suspicious.obfuscation toString 78.0@17184: suspicious.obfuscation using String.replace 78.0@17184: suspicious.warning: object contains JavaScript 80.0@18889: suspicious.obfuscation toString 80.0@18889: suspicious.obfuscation using String.replace 80.0@18889: suspicious.warning: object contains JavaScript 82.0@20604: suspicious.obfuscation toString 82.0@20604: suspicious.warning: object contains JavaScript 84.0@22216: suspicious.warning: object contains JavaScript 86.0@24099: suspicious.obfuscation using eval 86.0@24099: suspicious.obfuscation toString 86.0@24099: suspicious.warning: object contains JavaScript 88.0@28702: suspicious.obfuscation using eval 88.0@28702: suspicious.warning: object contains JavaScript 90.0@30997: suspicious.obfuscation toString 90.0@30997: suspicious.obfuscation using String.replace 90.0@30997: suspicious.warning: object contains JavaScript 92.0@32019: suspicious.warning: object contains JavaScript 94.0@32296: suspicious.obfuscation using eval 94.0@32296: suspicious.warning: object contains JavaScript 96.0@32825: suspicious.obfuscation toString 96.0@32825: suspicious.warning: object contains JavaScript 98.0@36102: suspicious.warning: object contains JavaScript 100.0@36571: suspicious.warning: object contains JavaScript | ||||||||
| 372a6a67b8ba9cc89f0afe32b204711c view report | 00035100.xxx | 79452 | 19 | J | E | |||
138.0@73508: suspicious.obfuscation using eval 138.0@73508: suspicious.obfuscation using String.fromCharCode 138.0@73508: suspicious.obfuscation using substring 138.0@73508: pdf.suspicious util.printd used to fill buffers 138.0@73508: suspicious.warning: object contains JavaScript | ||||||||
| 2d7e9e39f89a0236de7557d15d068b54 view report | 00032481.xxx | 589454 | 19 | J | E | |||
1239.0@30281: suspicious.obfuscation using eval 1239.0@30281: suspicious.obfuscation using String.fromCharCode 1239.0@30281: suspicious.obfuscation using substring 1239.0@30281: pdf.suspicious util.printd used to fill buffers 1239.0@30281: suspicious.warning: object contains JavaScript | ||||||||
| 4b1064bcd2d13122889e9519922a0abb view report | 00032165.xxx | 55318 | 6 | J | ||||
36.0@52966: suspicious.obfuscation using unescape 36.0@52966: suspicious.warning: object contains JavaScript | ||||||||
| 275b4df2cf01267c0a9626470e1debca view report | 00030704.xxx | 64635 | 19 | J | E | |||
86.0@59754: suspicious.obfuscation using eval 86.0@59754: suspicious.obfuscation using String.fromCharCode 86.0@59754: suspicious.obfuscation using substring 86.0@59754: pdf.suspicious util.printd used to fill buffers 86.0@59754: suspicious.warning: object contains JavaScript | ||||||||
| ace477e91035ae9f84343b098335a9b8 view report | 00026922.xxx | 1488849 | 19 | J | E | |||
390.0@55557: suspicious.obfuscation using eval 390.0@55557: suspicious.obfuscation using String.fromCharCode 390.0@55557: suspicious.obfuscation using substring 390.0@55557: pdf.suspicious util.printd used to fill buffers 390.0@55557: suspicious.warning: object contains JavaScript | ||||||||
| 0aaaf60ba9a50f41ea5fea516ddca41e view report | 00022606.xxx | 52144 | 19 | J | E | |||
100.0@28465: suspicious.obfuscation using eval 100.0@28465: suspicious.obfuscation using String.fromCharCode 100.0@28465: suspicious.obfuscation using substring 100.0@28465: pdf.suspicious util.printd used to fill buffers 100.0@28465: suspicious.warning: object contains JavaScript | ||||||||