Filename: CVE-2009-0927 CVE-2007-5659 PDF 2010-04-02 C497C02464AE74BBC94120D1CBE88D49 IPR in China final.pdf= | MD5: c497c02464ae74bbc94120d1cbe88d49

Link to here

Document information

Original filename: CVE-2009-0927 CVE-2007-5659 PDF 2010-04-02 C497C02464AE74BBC94120D1CBE88D49 IPR in China final.pdf=

Size: 54720 bytes

Submitted: 2010-09-21 01:38:01

md5: c497c02464ae74bbc94120d1cbe88d49

sha1: 794b26a4320e968e7b5a68f600c6a7b2388220ae

sha256: 816ff03f39d9d210ee3a49a61f208a4b0a8979c3d08fa9b8a17e01a98b5d123c

ssdeep: 1536:ob/dOMWvEHZa7sN8lfIPDR9dqT5ybgwCZ:tGEsNH19j0l

content/type: PDF document, version a.a

analysis time: 3.46 s

Analysis: Malware [46] Beta OpenIOC

48.0 @ 1291: suspicious.warning: object contains JavaScript

48.0 @ 1291: pdf.exploit Collab.getIcon CVE-2009-0927

48.0 @ 1291: suspicious.obfuscation using app.setTimeOut to eval code

48.0 @ 1291: suspicious.obfuscation using util.byteToChar

48.0 @ 1291: suspicious.string shellcode

48.0 @ 1291: suspicious.obfuscation using unescape