PDFExaminer


Recent PDF malware detections. This list is delayed 2 weeks. +Submit one

MD5filenamesizeseverityjsflashembedencrypt
e88b3a9dfa157c5ef5dced79b1b91480 view report 4d4829fccb1303718575151acd9d88ddf9d8d56374c23e540f0c7ca2cf884346 19699 9 J      
8.0@149: suspicious.javascript in XFA block
8.0@149: suspicious.warning: object contains JavaScript
0511e58729a6c284e9d6e2085fa8f91e view report a77945b25012e05d71fd812bb1d7cae35820099e53c65856899a2c5a2936eba6 101900 12 J      
8.0@149: suspicious.javascript in XFA block
8.0@149: suspicious.obfuscation using substr
8.0@149: suspicious.warning: object contains JavaScript
e0fc0dc50ac5a31c0657ee19b6723983 view report 5280b71326687b187d7e89ff3cfb354f5b7589d5d53b367b7acffc6eeab85815 78348 85 J      
4.0@192: suspicious.obfuscation using unescape
4.0@192: suspicious.obfuscation using eval
4.0@192: suspicious.obfuscation toString
4.0@192: suspicious.obfuscation using substr
4.0@192: suspicious.obfuscation using String.fromCharCode
4.0@192: suspicious.obfuscation using substring
4.0@192: pdf.exploit Collab.getIcon CVE-2009-0927
4.0@192: suspicious.warning: object contains JavaScript
e570521bbb02be316d2203cb603b5eec view report 83c8ea747b998870cd2db199b651987fba6d0b61e23fcdf656451a590f955496 14750 5 J      
13.0@822: suspicious.obfuscation using eval
13.0@822: suspicious.warning: object contains JavaScript
e22cd3fe0f7953645ffcbbad77d5d061 view report 7eb09fc9d76989389c1966be1daa6e0744a487b268eec04b91527c36ed4c208f 1430 85        
1111.0@354: suspicious.obfuscation using unescape
1111.0@354: suspicious.obfuscation using String.replace
1111.0@354: pdf.suspicious util.printd used to fill buffers
1112.0@1151: suspicious.obfuscation using substr
1112.0@1151: pdf.exploit media.newPlayer CVE-2009-4324
f10562fcfb171dfda1744fdf106b1e1f view report 25cee889adfc31b55ad455c2e701beebb84a7cfe28779827bfa0d0b0b21708ff 15107 5 J      
13.0@822: suspicious.obfuscation using eval
13.0@822: suspicious.warning: object contains JavaScript
b8c62428489699112b0e2eba12c3afdf view report 63092f8511b03bc7aadcc566b1cd8898103a7ad79c1da625af4024b3b840b26e 12359 1 J      
26.0@350: suspicious.warning: object contains JavaScript
b8d40ee8e9a4437d8d2efe8f8bf66a32 view report eb131dd214b3785f5c95b3a4116df6f77d01e02a11ec190a3a2e59dd73b6b1b6 15019 5 J      
13.0@822: suspicious.obfuscation using eval
13.0@822: suspicious.warning: object contains JavaScript
b8be9792b7d6771c67fd5b6bb5d88f2a view report a28a1c534ad0979e53dfe65d288887c3e51e498f0f9e6ac71a6c804ed74898fb 85093 1 J      
26.0@350: suspicious.warning: object contains JavaScript
b93c31c76527be5330b471e9059ff90b view report be298998e6a6c231bfebebea8ac75edcfc4241eac4c2ed3e60e68b7d186828d6 15039 5 J      
13.0@822: suspicious.obfuscation using eval
13.0@822: suspicious.warning: object contains JavaScript
b9349347b518428f0cacbba0200c402e view report 5b15ec27bb817821c795f931f649ac9776cbde7e1e2b2ec9951ed27baad6b1cd 135854 1 J      
26.0@350: suspicious.warning: object contains JavaScript
b93140fe6a392a0050e36698a0fca746 view report 11e9bd6e446d29ca9680809becf6485bbba071fed9ff7bc0761cd7497a107fa9 85399 1 J      
26.0@350: suspicious.warning: object contains JavaScript
b8e2e3b16059c58391fe3a505a85a9d8 view report be141e50199b4f25dee4bcf6f0613ca3637f0d9fbaf69be61f2c4c0203e9de46 80480 12 J      
8.0@149: suspicious.javascript in XFA block
8.0@149: suspicious.obfuscation using substr
8.0@149: suspicious.warning: object contains JavaScript
b92b4f0ca52673bf72e3a13a9f836222 view report 23a73c963f79ce232f490d632344140629630b94f73bbce30490504b05504ae2 13163 13 J      
8.0@424: suspicious.javascript in XFA block
8.0@424: suspicious.obfuscation using substr
8.0@424: suspicious.warning: object contains JavaScript
17.0@12857: suspicious.warning: object contains JavaScript
b8cb7aa746bfb6356c57e55cbfa31eb6 view report 8a46ff1b029ae070bf7518ab450eeee8d69dca45dfd1d7dfd6a6f4f8c47b0dc7 14883 5 J      
13.0@822: suspicious.obfuscation using eval
13.0@822: suspicious.warning: object contains JavaScript