Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:23/10/2012
In the wild:Yes
Reported Infections:High
Distribution Potential:Low to medium
Damage Potential:Low to medium
Static file:No
File size:~13.000 Bytes
VDF version: - Tuesday, October 23, 2012
IVDF version: - Tuesday, October 23, 2012

 General Method of propagation:
   • By visiting infected websites

   •  Kaspersky: Exploit.JS.Pdfka.ggc
   •  Sophos: Troj/PDFJs-AAS
     Microsoft: Exploit:Win32/Pdfjsc.ADY
   •  Grisoft: Exploit_c.VRU
   •  Eset: JS/Exploit.Pdfka.PTS
     GData: Exploit.JS.PDF.FD
     Authentium: JS/Pdfka.HD
     DrWeb: Exploit.PDF.3048
     Norman: Trojan CVE_2010_0188.A

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7

Side effects:
    Drive-by download
   • Makes use of software vulnerability

 Files It tries to download a file:

The location is the following:
It is saved on the local hard drive under: %temporary internet files%\calc[1].exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Agent.FQR

Description inserted by Alexander Bauer on Friday, October 26, 2012
Description updated by Alexander Bauer on Friday, October 26, 2012

Back . . . .