¿Necesita ayuda? Pregunte a la comunidad o contrate a un experto.
Ir a Avira Answers
Date discovered:16/01/2013
In the wild:No
Reported Infections:Medium
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:9.870 Bytes
MD5 checksum:88addadbfe3d3a9f9359cc334934dd64
VDF version:
IVDF version:

 General Method of propagation:
   • Email

   •  Sophos: Troj/PDFJs-ACP
   •  Bitdefender: Exploit.PDF.Agent.F
   •  Microsoft: Exploit:Win32/Pdfjsc.ADF
   •  GData: Exploit.PDF.Agent.F
   •  Fortinet: W32/PDFJs.ACP!tr
   •  Ikarus: Exploit.Win32.Pdfjsc

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Downloads a malicious file
   • Makes use of software vulnerability

 Files It tries to download a file:

– The location is the following:
   • http://www.ukde********** s/name-pdf.exe
It is saved on the local hard drive under: %temporary internet files%\Content.IE5\XP8IS2UM\name-pdf[1].exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Bublik.aayw

 File details Programming language:
 • JavaScript

Encrypted - The virus code inside the file is encrypted.

Descripción insertada por Eric Burk el miércoles, 16 de enero de 2013
Descripción actualizada por Eric Burk el miércoles, 16 de enero de 2013

Volver . . . .