Filename: CVE-2010-1297_PDF_2010-07-07_719CF2BAB291DA52E495B86929B7EA7D_water_update2.pdf | MD5: 719cf2bab291da52e495b86929b7ea7d

Link to here

Document information

Original filename: CVE-2010-1297_PDF_2010-07-07_719CF2BAB291DA52E495B86929B7EA7D_water_update2.pdf

Size: 427577 bytes

Submitted: 2010-09-01 16:40:26

md5: 719cf2bab291da52e495b86929b7ea7d

sha1: 869fb46d4985443390660ae65af3d4b5d6bb4e87

sha256: 8f60aa88853eec6e0ffce6ea2a8916a597ff105b6e4a087454b2a9bfa82ef4c8

ssdeep: 12288:/jaRLg2N49TE3ygkLANUAl4SkTFSw3ns8eVmT2hNq0UkI26jaRLgW:/joL9NmTEiDLMUAbQSw3nsnVmTgNq0UW

content/type: PDF document, version 1.5

Analysis: Malware [142] Beta OpenIOC

6.0 @ 390474: suspicious.obfuscation using String.replace

6.0 @ 390474: suspicious.obfuscation using eval

6.0 @ 390474: suspicious.obfuscation using app.setTimeOut to eval code

6.0 @ 390474: pdf.exploit media.newPlayer CVE-2009-4324

6.0 @ 390474: suspicious.warning: object contains JavaScript

6.0 @ 316: suspicious.obfuscation using unescape

6.0 @ 390474: pdf.suspicious util.printd used to fill buffers

6.0 @ 390474: suspicious.obfuscation using unescape

6.0 @ 316: pdf.exploit media.newPlayer CVE-2009-4324

6.0 @ 316: suspicious.obfuscation using app.setTimeOut to eval code

6.0 @ 316: suspicious.obfuscation using String.replace

6.0 @ 316: suspicious.obfuscation using eval

6.0 @ 316: suspicious.warning: object contains JavaScript

6.0 @ 316: pdf.suspicious util.printd used to fill buffers

7.0 @ 4084: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

7.0 @ 394242: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

8.0 @ 4290: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

8.0 @ 394448: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

9.0 @ 4441: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

9.0 @ 394599: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

10.0 @ 4567: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

10.0 @ 394725: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

11.0 @ 4664: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

11.0 @ 394822: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

14.0 @ 4922: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

14.0 @ 395080: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

15.0 @ 5046: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

15.0 @ 395204: suspicious.flash Adobe Shockwave Flash in a PDF define obj type

16.0 @ 5155: flash.exploit CVE-2010-1297

16.0 @ 395313: suspicious.flash Embedded Flash

16.0 @ 395313: flash.exploit CVE-2010-1297

16.0 @ 5155: suspicious.flash Embedded Flash