Filename: 2fa9d935f63068929da307c29b243965a51f781d8191575ef66497cfd2ffb3c6 | MD5: 711e0773b8cbf09a45204f92095ede70

Document information

Original filename: 2fa9d935f63068929da307c29b243965a51f781d8191575ef66497cfd2ffb3c6

Size: 11079 bytes

Submitted: 2014-08-12 14:16:13

md5: 711e0773b8cbf09a45204f92095ede70

sha1: bd1f3e9337ff82fdb7ea615d080fd63bf72c8125

sha256: 2fa9d935f63068929da307c29b243965a51f781d8191575ef66497cfd2ffb3c6

ssdeep: 192:xtcCiY/LmF0VX34nUneTbTT6TTT5ITTTTTT1TXoTbTT6TTT9TTTTTTxT2TbTT6TC:xtyF43zneTbTT6TTT5ITTTTTT1TYTbT1

content/type: PDF document, version 1.5

analysis time: 1.50 s

Analysis: Malware [79]

Yara tags: cve_2013_3346

5.0 @ 260: suspicious.javascript addToolButton

5.0 @ 260: suspicious.warning: object contains JavaScript

5.0 @ 260: pdf.exploit ToolButton use-after-free CVE-2014-0496

5.0 @ 260: suspicious.string -shellcode-

5.0 @ 260: suspicious.obfuscation using String.replace

5.0 @ 260: suspicious.obfuscation using substring

5.0 @ 260: suspicious.string -HeapSpray-

5.0 @ 260: suspicious.obfuscation toString