Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:EXP/PDF.3355
Date discovered:11/12/2008
Type:Exploit
Subtype:Downloader
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low to medium
Static file:No
File size:~5.300 Bytes
VDF version:7.01.00.44
IVDF version:7.01.00.49 - Thursday, November 6, 2008

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Mcafee: Exploit-PDF.f
   •  Kaspersky: Exploit.JS.Pdfka.bp
   •  F-Secure: Exploit.JS.Pdfka.bp
   •  Sophos: Troj/PDFJs-G


Platforms / OS:
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003


Side effects:
   • Downloads a malicious file
   • Makes use of software vulnerability

 Files It tries to download a file:

– The location is the following:
   • http://www.gamunkl.com/fifa/**********
It is saved on the local hard drive under: %SYSDIR%\%random character string%.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

Description inserted by Monica Ghitun on Thursday, December 11, 2008
Description updated by Monica Ghitun on Thursday, December 18, 2008

Back . . . .