Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:03/11/2011
In the wild:No
Reported Infections:Medium to high
Distribution Potential:Low
Damage Potential:Low to medium
Static file:No
VDF version: - Thursday, November 3, 2011
IVDF version: - Thursday, November 3, 2011

 General Method of propagation:
   • No own spreading routine

   •  Kaspersky: Exploit.JS.Pdfka.fef
   •  Sophos: Troj/PDFEx-ET
   •  Eset: JS/Exploit.Pdfka.PFS.Gen
     DrWeb: Exploit.PDF.2545

Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7

Side effects:
    Can be used to execute malicious code
    Drive-by download
   • Makes use of software vulnerability

 Files It tries to download a file:

The location is the following:
   • http://**********/ku33/yp7.php?i=8
Furthermore this file gets executed after it was fully downloaded. At the time of writing this file was not online for further investigation.

 File details Programming language:
 • JavaScript

Encrypted - The virus code inside the file is encrypted.

Description inserted by Chiaho Heng on Wednesday, November 30, 2011
Description updated by Chiaho Heng on Wednesday, November 30, 2011

Back . . . .