PDFExaminer


Recent PDF malware detections. This list is delayed 2 weeks. +Submit one

MD5filenamesizeseverityjsflashembedencrypt
81f4ab577b236b88546a989c909e7ccb view report [Steven_M._Teles]_The_Rise_of_the_Conservative_Leg(b-ok.org).pdf 1150071 3     P  
881.0@998911: suspicious.obfuscation using eval
0.0@1145785: suspicious.warning: object contains embedded PDF
bd23ad33accef14684d42c32769092a0 view report Sample.pdf 82344 14 J      
33.0@4675: pdf.exploit Corrupted JPEG2000 CVE-2018-4990
1.0@25957: suspicious.obfuscation using app.setTimeOut to eval code
1.0@25957: suspicious.warning: object contains JavaScript
-1.-1@25955: suspicious.warning: end of file contains content
9677efa15a77f712c2427ffbbe40a8a3 view report 10-09-50-435 CC4D9C54.PDF 100141 18 J      
29.0@88302: suspicious.obfuscation using unescape
29.0@88302: suspicious.warning: object contains JavaScript
30.0@88433: suspicious.obfuscation using unescape
30.0@88433: suspicious.warning: object contains JavaScript
31.0@98585: suspicious.obfuscation using eval
31.0@98585: suspicious.warning: object contains JavaScript
32.0@98682: suspicious.warning: object contains JavaScript
9677efa15a77f712c2427ffbbe40a8a3 view report 10-09-50-435 CC4D9C54.PDF 100141 18 J      
29.0@88302: suspicious.obfuscation using unescape
29.0@88302: suspicious.warning: object contains JavaScript
30.0@88433: suspicious.obfuscation using unescape
30.0@88433: suspicious.warning: object contains JavaScript
31.0@98585: suspicious.obfuscation using eval
31.0@98585: suspicious.warning: object contains JavaScript
32.0@98682: suspicious.warning: object contains JavaScript
ed4ae2914b0d53b76701f64bc89993bc view report test.pdf 30353 23 J      
2.0@17: suspicious.javascript object
80.0@22960: suspicious.javascript object
82.0@23071: suspicious.obfuscation using charCodeAt
82.0@23071: suspicious.obfuscation using eval
82.0@23071: suspicious.obfuscation toString
82.0@23071: suspicious.obfuscation using String.fromCharCode
82.0@23071: suspicious.obfuscation using String.replace
82.0@23071: suspicious.warning: object contains JavaScript
83.0@27766: suspicious.warning: object contains JavaScript
838cc6ac8cb0d8ddb98fdb1ae0c8a443 view report clean-code-handbook-software-craftsmanship.pdf 3072779 4        
421.0@1344408: suspicious.obfuscation using String.replace
7d7c9780321cfc82cc303a9677a79bf4 view report Resume_Aman_Parashar.pdf 42898 12        
27.0@39840: suspicious.embedded external content
55.0@47812: suspicious.embedded external content
56.0@47969: suspicious.embedded external content
57.0@48124: suspicious.embedded external content
58.0@48281: suspicious.embedded external content
59.0@48457: suspicious.embedded external content
60.0@48635: suspicious.embedded external content
63.0@49136: suspicious.embedded external content
64.0@49302: suspicious.embedded external content
65.0@49473: suspicious.embedded external content
00ab49a6766f59687bffc04461cb72b3 view report 00ab49a6766f59687bffc04461cb72b3_Malware_pdf 177695 31 J      
28.0@1598: suspicious.obfuscation using unescape
28.0@1598: suspicious.string nopblock
28.0@1598: suspicious.obfuscation using eval
28.0@1598: suspicious.obfuscation using substring
28.0@1598: suspicious.string Shellcode NOP sled
28.0@1598: suspicious.string shellcode
28.0@1598: suspicious.warning: object contains JavaScript
0023bc5daf2a02ff58a42647334a4298 view report 0023bc5daf2a02ff58a42647334a4298_Malware_pdf 74288 11 J      
7.0@421: suspicious.obfuscation using charCodeAt
7.0@421: suspicious.obfuscation using String.replace
7.0@421: suspicious.obfuscation using substring
7.0@421: suspicious.warning: object contains JavaScript
c37ae9efc4eefcf1fe9cefa69a9e51f4 view report infected.pdf 6771 49 J      
6.0@425: suspicious.obfuscation using unescape
6.0@425: suspicious.obfuscation using substring
6.0@425: pdf.exploit util.printf CVE-2008-2992
6.0@425: suspicious.warning: object contains JavaScript
79d9745aed1e9ad48a15ff52b34c3831 view report Form_CHG-1.pdf 482028 30 J      
933.0@231625: suspicious.warning: object contains JavaScript
934.0@232116: suspicious.warning: object contains JavaScript
935.0@232462: suspicious.warning: object contains JavaScript
938.0@235910: suspicious.obfuscation using charCodeAt
938.0@235910: suspicious.javascript in XFA block
938.0@235910: suspicious.obfuscation toString
938.0@235910: suspicious.obfuscation using substr
938.0@235910: suspicious.obfuscation using String.fromCharCode
938.0@235910: suspicious.obfuscation using substring
938.0@235910: suspicious.warning: object contains JavaScript
theme_MH17
2a03ac24042fc35caa92c847638ca7c2 view report Agreemnet-00290267.pdf#720027062 11104 19 J      
1.0@15: suspicious.obfuscation using charCodeAt
1.0@15: suspicious.javascript in XFA block
1.0@15: suspicious.obfuscation using String.fromCharCode
1.0@15: suspicious.obfuscation using substring
1.0@15: suspicious.string -shellcode-
1.0@15: pdf.exploit BMP RLE integer heap overflow CVE-2013-2729
1.0@15: block size over 10MB
1.0@15: suspicious.warning: object contains JavaScript
cc6472a7d902e9a40eb0ed2795e76e0b view report KovterWhitepaper.pdf 2999173 2        
87.0@772352: block size over 10MB
90.0@1725802: block size over 10MB
659cf4c6baa87b082227540047538c2a view report fcexploit.pdf 25169 101 J      
5.0@1043: suspicious.obfuscation using String.fromCharCode
5.0@1043: suspicious.obfuscation getAnnots access blocks
5.0@1043: suspicious.warning: object contains JavaScript
10.0@21269: suspicious.obfuscation using unescape
21.0@22553: pdf.exploit using TIFF overflow CVE-2010-0188
21.0@22553: suspicious.string base 64 nop sled used in TIFF overflow CVE-2010-0188
21.0@22553: pdf.exploit TIFF overflow CVE-2010-0188
02488fbf56ec3768f41ded4b5107c401 view report [Intelligent Systems Reference Library 95] Liana Razmerita, Gloria Phillips-Wren, Lakhmi C. Jain (eds.) - Innovations in Knowledge Management_ The Impact of Social Media, Semantic Web and Cloud Computing (2016, Springer-V.pdf 7276968 3        
13.0@289358: suspicious.obfuscation using eval