Filename: CVE-2009-0927 PDF 2010-02-10 F77F83B7C388C46F771BA7A1E419E833 North Korea Human Rights Report UNZIPPED.pdf= | MD5: f77f83b7c388c46f771ba7a1e419e833

Link to here

Document information

Original filename: CVE-2009-0927 PDF 2010-02-10 F77F83B7C388C46F771BA7A1E419E833 North Korea Human Rights Report UNZIPPED.pdf=

Size: 315999 bytes

Submitted: 2010-09-21 01:37:37

md5: f77f83b7c388c46f771ba7a1e419e833

sha1: 038943d3d8eede4ba34dbb5005e000b4185cdd4b

sha256: 8143244ea9469e8a494323b55de8c43a3185a3522c5c7443ba21e1af290df8d2

ssdeep: 768:TSZ+4exEKxUEHxxZYKgmZKPLOyVtbXHb7ph+eAjkdUK7zXmiPrSZ+SexEKS9q:i+4eK0U0ZNuLOOtb3/YcfXmb+SeKr9q

content/type: PDF document, version 1.4

Analysis: Malware [182] Beta OpenIOC

43.0 @ 9264: pdf.suspicious util.printd used to fill buffers

43.0 @ 9264: pdf.exploit media.newPlayer CVE-2009-4324

43.0 @ 308961: suspicious.warning: object contains JavaScript

43.0 @ 9264: pdf.exploit Collab.getIcon CVE-2009-0927

43.0 @ 9264: suspicious.warning: object contains JavaScript

43.0 @ 9264: pdf.exploit Collab.collectEmailInfo CVE-2008-0655

43.0 @ 9264: suspicious.obfuscation using String.replace

43.0 @ 9264: suspicious.obfuscation using substring

43.0 @ 9264: suspicious.string shellcode

43.0 @ 9264: suspicious.obfuscation using app.setTimeOut to eval code

43.0 @ 9264: suspicious.obfuscation using unescape