Filename: CVE-2009-1862 PDF 2009-10-15 4F94B85D07114678DFF1601B572A232D Taiwan op-ed.pdf.pdf= | MD5: 4f94b85d07114678dff1601b572a232d

Link to here

Document information

Original filename: CVE-2009-1862 PDF 2009-10-15 4F94B85D07114678DFF1601B572A232D Taiwan op-ed.pdf.pdf=

Size: 460181 bytes

Submitted: 2010-09-21 01:27:12

md5: 4f94b85d07114678dff1601b572a232d

sha1: ccc0bf6d24b4b9b76172eed83349bfaae22634bc

sha256: b5da1ced95efcedb0551c410d0c01cbb35e2c4bfcf0490c66699a8b816d0b6ab

ssdeep: 6144:40jhscu/ciCXmhwyqKAj8krnHP5KA7kgKqZ6ZsNKCLQyqffdkaRvVWvqw2GL:PE/C6QrjRxgRRZs2rRAvqe

content/type: PDF document, version 1.7

analysis time: 28.97 s

Analysis: Malware [28] Beta OpenIOC

1.0 @ 17: flash.exploit CVE-2009-1862

1.0 @ 17: suspicious.flash Embedded Flash

17.0 @ 352949: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

34.0 @ 456991: suspicious.warning: object contains JavaScript

34.0 @ 356185: suspicious.warning: object contains JavaScript

34.0 @ 356185: suspicious.obfuscation using String.replace

34.0 @ 356185: suspicious.obfuscation using unescape

34.0 @ 356185: suspicious.obfuscation using substring