Filename: 467459e449801ae07f18303398bb51d01f6d3cfac82a7c198da3fc428a0ba16d | MD5: 3906b1140fde25f1186ff3bd72f07511

Link to here

Document information

Original filename: 467459e449801ae07f18303398bb51d01f6d3cfac82a7c198da3fc428a0ba16d

Size: 1660800 bytes

Submitted: 2013-06-14 14:00:03

md5: 3906b1140fde25f1186ff3bd72f07511

sha1: ae83a142a59f8cea40a033e6075ddb9c83107c31

sha256: 467459e449801ae07f18303398bb51d01f6d3cfac82a7c198da3fc428a0ba16d

ssdeep: 24576:FOCCEpNXyABHGnSlHlolABHGnSlHluABHz:LZy4HGnSlCl4HGnSlM4Hz

content/type: with offset PDF header

analysis time: 37.21 s

Analysis: Malware [18] Beta OpenIOC

-1.-1@404617: suspicious.warning: end of file contains content

1.0 @ 15: suspicious.warning: object contains JavaScript

1.0 @ 15: block size over 10MB

1.0 @ 15: pdf.exploit BMP RLE integer heap overflow CVE-2013-2729

1.0 @ 15: suspicious.javascript in XFA block

1.0 @ 15: suspicious.obfuscation using String.fromCharCode

1.0 @ 15: suspicious.obfuscation using substring

1.0 @ 15: suspicious.obfuscation using charCodeAt