Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:EXP/Pdfka.QG
Date discovered:03/11/2011
Type:Exploit
In the wild:No
Reported Infections:Medium to high
Distribution Potential:Low
Damage Potential:Low to medium
Static file:No
VDF version:7.11.17.06 - Thursday, November 3, 2011
IVDF version:7.11.17.06 - Thursday, November 3, 2011

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: Exploit.JS.Pdfka.fef
   •  Sophos: Troj/PDFEx-ET
   •  Eset: JS/Exploit.Pdfka.PFS.Gen
   •  DrWeb: Exploit.PDF.2545


Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Can be used to execute malicious code
   • Drive-by download
   • Makes use of software vulnerability

 Files It tries to download a file:

– The location is the following:
   • http://**********/ku33/yp7.php?i=8
Furthermore this file gets executed after it was fully downloaded. At the time of writing this file was not online for further investigation.

 File details Programming language:
 • JavaScript


Encryption:
Encrypted - The virus code inside the file is encrypted.

Description inserted by Chiaho Heng on Wednesday, November 30, 2011
Description updated by Chiaho Heng on Wednesday, November 30, 2011

Back . . . .