Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:EXP/Pidief.edu
Date discovered:29/01/2013
Type:Exploit
In the wild:Yes
Reported Infections:Low to medium
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:6.914 Bytes
MD5 checksum:a55b3d65628a200Faab3b4321a91d203
VDF version:7.11.59.18 - Tuesday, January 29, 2013
IVDF version:7.11.59.18 - Tuesday, January 29, 2013

 General Method of propagation:
   • Email


Aliases:
   •  Bitdefender: PDF:Exploit.PDF-JS.UQ
   •  AVG: Exploit_c.WPO
   •  Eset: JS/Exploit.Pdfka.QCG trojan


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Downloads a malicious file

 Files It tries to download a file:

– The locations are the following:
   • http://styl**********ds/google_sitemap.exe
   • http://b-**********et/info.exe
   • http://www.dnl-co**********d/host.exe
   • http://www.axi**********ll/helper.exe
It is saved on the local hard drive under: %temporary internet files%\Content.IE5\XP8IS2UM\google_sitemap[1].exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Spy.Bebloh.EB.92

Description inserted by Eric Burk on Saturday, February 2, 2013
Description updated by Eric Burk on Saturday, February 2, 2013

Back . . . .