PDFExaminer


Recent PDF malware detections. This list is delayed 2 weeks. +Submit one

MD5filenamesizeseverityjsflashembedencrypt
1e73d9ededf114b737502a3e1f90703a view report 103296f2ac2b49eac7bea99c99c74a4204eb4ce09a5f1cc1060fba0cad55d250 102302 6     P  
83.0@51682: suspicious.pdf embedded PDF file
83.0@51682: suspicious.warning: object contains embedded PDF
85.0@95969: pdf.exploit execute EXE file
85.0@95969: pdf.exploit access system32 directory
85.0@95969: pdf.exploit execute action command
85.0@95969: pdf.execute exe file
85.0@95969: pdf.execute access system32 directory
-1.-1@97180: suspicious.warning: end of file contains content
a74486aee1a369a26135fce9ae8ecb85 view report 2840fbc868a6064c7d25ff81f73923013832fa7486cac149098d64bd7e3ce300 9369 5 J      
111.0@4016: suspicious.javascript in XFA block
111.0@4016: suspicious.warning: object contains JavaScript
4394b9b6b72ef14878f452b96b8725ee view report 2856f26bcc849da92f0eb8de85b9b6c7051dbc94b2fb3c8dea8b6bf5c6672c18 10015 5 J      
111.0@3961: suspicious.javascript in XFA block
111.0@3961: suspicious.warning: object contains JavaScript
38c0e105b9f0eb6b1b332a4ac4d4b352 view report 6cb1fd4382938c569bf9df18b627c4ee1a2e21beeeaaf87d5d6856afba1ad2e8 5623 5 J     E
1.0@15: suspicious.warning: object contains JavaScript
23.0@2004: suspicious.obfuscation using unescape
23.0@2004: suspicious.warning: object contains JavaScript
ca7d4d96be7757d7f6586e4a97aa3923 view report 28309f1421b88172bfafced80a9c0227b0adbe0067500cc150e90279011819bf 9356 5 J      
111.0@4016: suspicious.javascript in XFA block
111.0@4016: suspicious.warning: object contains JavaScript
1d1309114f8522974b6f3b21983f889c view report 95897aafa5749bc8d1b1bb1fb866c49d27608fcad8ac9cd93364c5d11dfdb6ba 23189 4 J      
9848.0@22391: suspicious.obfuscation using substring
9848.0@22391: suspicious.warning: object contains JavaScript
0811cce0ffdfd059883e60484895c174 view report 922046a8c9a704d5a360f7e63794583e48bbb9175a943b905fd18d4cea23d8d8 4854 2        
7.0@1019: pdf.exploit URI directory traversal
7.0@1019: pdf.exploit URI directory traversal system32
f4fc197b8562cb5ef4cc3176c059c24d view report a7a8906e333b28939fe7269e395f967ad937fdff05ae5d67249128fc448604b3 10293 4 J      
111.0@3699: suspicious.javascript in XFA block
111.0@3699: suspicious.warning: object contains JavaScript
d91da49ba354b4c48ccbf8aa10574055 view report ab67714495f4192fc32868a5ebb4146d9f18228e3bd44f73ee1b91c0c0b205ff 10384 4 J      
111.0@3699: suspicious.javascript in XFA block
111.0@3699: suspicious.warning: object contains JavaScript
f7b5acbdefb13a7f5c81062bf2d8ce80 view report 0aeea9e8197f4b4ed5baa60449a23397127582d755e2239552245749f6b273f1 10526 4 J      
111.0@3699: suspicious.javascript in XFA block
111.0@3699: suspicious.warning: object contains JavaScript
d340ec74295fae434d9599ea2538e37f view report 9fef744f66effd37602ff0f6491321617c7826182ddbf388bf1ae29de84932a9 10293 4 J      
111.0@3699: suspicious.javascript in XFA block
111.0@3699: suspicious.warning: object contains JavaScript
457225a6f126ecb58cb593a5c83bd585 view report 008b2301dca2dcdf23ea12ea3c52a34710cc7c4b81b0c1203613474713189c5c 9528 5 J      
111.0@4016: suspicious.javascript in XFA block
111.0@4016: suspicious.warning: object contains JavaScript
de4eb13bf53031729dd04fa1703beada view report 78ac13989ce1a1be6936065fa1991072511be708237790f26f78e539bd742c2e 10432 4 J      
111.0@3699: suspicious.javascript in XFA block
111.0@3699: suspicious.warning: object contains JavaScript
3e1d20a4d29e2b2f8fc7545c43a4b4ab view report 0053cadd233e760435889bdf880b810885628f9bbc26a896c15e814ff059306c 9801 5 J      
111.0@3961: suspicious.javascript in XFA block
111.0@3961: suspicious.warning: object contains JavaScript
ace675f2852de362be462c5093ac67ff view report 12d4ab36d5e90f1adabc95502f027f65c9d3b317ecb4375bdfaef496f3bf9a40 10264 4 J      
111.0@3699: suspicious.javascript in XFA block
111.0@3699: suspicious.warning: object contains JavaScript