PDFExaminer


Recent PDF malware detections. This list is delayed 2 weeks. +Submit one

MD5filenamesizeseverityjsflashembedencrypt
475a43bdc53a10321c1e030136a3fd96 view report document24.pdf 321558 18 J      
291.0@7011: suspicious.javascript object
292.0@7057: suspicious.javascript object
293.0@7103: suspicious.javascript object
294.0@7149: suspicious.warning: object contains JavaScript
295.0@7641: suspicious.warning: object contains JavaScript
296.0@7988: suspicious.warning: object contains JavaScript
275.0@196692: suspicious.javascript in XFA block
275.0@196692: suspicious.obfuscation toString
275.0@196692: suspicious.warning: object contains JavaScript
458c3f6f0796d558fd4feb9075208ae4 view report GARTH_1159538_004226-008.pdf 49101 1        
10.0@47564: suspicious.embedded external content
b20572bb62c3c18abd944eddcc18d492 view report SmartSource_Coupon_June10 (1).fdf 712686 1 J     E
167.0@692233: suspicious.warning: object contains JavaScript
567724bfd93046a65462140f9cf9567b view report [Effective JavaScript 68 Specific Ways to Harness the Power of JavaScript (Effective Software Development Series) by David Herman - 2013].pdf 1361406 20        
6560.0@616468: suspicious.obfuscation using charCodeAt
6690.0@719571: suspicious.obfuscation using eval
6695.0@723841: suspicious.obfuscation using eval
6725.0@744669: suspicious.obfuscation using charCodeAt
6725.0@744669: suspicious.obfuscation using String.fromCharCode
6730.0@748057: suspicious.obfuscation using String.fromCharCode
3f3b0679138494c494ade826ca5abf1f view report gfbi.pdf 449365 1        
15.0@1515: suspicious.embedded external content
5ff7f21e90ca509a865b2d71deac54fa view report Lease_Option_-_Short_Offer_Form_Copy.pdf 278612 1        
8.0@2916: block size over 10MB
5ff7f21e90ca509a865b2d71deac54fa view report Lease_Option_-_Short_Offer_Form_Copy.pdf 278612 1        
8.0@2916: block size over 10MB
59d8c592c6451993fde31255972398df view report 00670720.pdf 319547 2 J      
5.0@248: suspicious.javascript object
6.0@301: suspicious.warning: object contains JavaScript
6f348baf5e72f527273c69e5822266ad view report advanced_forensic_challenge_v2.pdf 6542 52 J      
6.0@407: suspicious.obfuscation using unescape
6.0@407: suspicious.obfuscation using substring
6.0@407: suspicious.string Shellcode NOP sled
6.0@407: pdf.exploit util.printf CVE-2008-2992
6.0@407: suspicious.warning: object contains JavaScript
de96d23ddb7d37ead39f41944af60302 view report VocĂȘ sabia disso.pdf 64414 5 J      
50.0@48491: suspicious.warning: object contains JavaScript
54.0@53408: suspicious.warning: object contains JavaScript
50.0@58273: suspicious.warning: object contains JavaScript
54.0@58424: suspicious.warning: object contains JavaScript
54.0@63535: suspicious.warning: object contains JavaScript
de96d23ddb7d37ead39f41944af60302 view report VocĂȘ sabia disso.pdf 64414 5 J      
50.0@48491: suspicious.warning: object contains JavaScript
54.0@53408: suspicious.warning: object contains JavaScript
50.0@58273: suspicious.warning: object contains JavaScript
54.0@58424: suspicious.warning: object contains JavaScript
54.0@63535: suspicious.warning: object contains JavaScript
0a47d30c07c20b0f0a003a1d78d227cb view report mal2_evade 501 1 J      
2.0@96: suspicious.warning: object contains JavaScript
05400a27a9ce8f98cbea62298a378c7a view report Stuvia-464921-unit-18-creative-product-promotion (2).pdf 694290 39        
5.0@675244: suspicious.embedded external content
6.0@675535: suspicious.embedded external content
7.0@675826: suspicious.embedded external content
8.0@676117: suspicious.embedded external content
9.0@676408: suspicious.embedded external content
10.0@676699: suspicious.embedded external content
11.0@676991: suspicious.embedded external content
12.0@677283: suspicious.embedded external content
13.0@677575: suspicious.embedded external content
14.0@677867: suspicious.embedded external content
15.0@678159: suspicious.embedded external content
16.0@678451: suspicious.embedded external content
17.0@678743: suspicious.embedded external content
18.0@679035: suspicious.embedded external content
19.0@679327: suspicious.embedded external content
20.0@679619: suspicious.embedded external content
21.0@679911: suspicious.embedded external content
22.0@680203: suspicious.embedded external content
23.0@680495: suspicious.embedded external content
24.0@680787: suspicious.embedded external content
25.0@681079: suspicious.embedded external content
26.0@681371: suspicious.embedded external content
27.0@681663: suspicious.embedded external content
28.0@681955: suspicious.embedded external content
29.0@682247: suspicious.embedded external content
30.0@682539: suspicious.embedded external content
31.0@682831: suspicious.embedded external content
32.0@683123: suspicious.embedded external content
33.0@683415: suspicious.embedded external content
34.0@683707: suspicious.embedded external content
35.0@683999: suspicious.embedded external content
36.0@684291: suspicious.embedded external content
37.0@684583: suspicious.embedded external content
38.0@684875: suspicious.embedded external content
39.0@685167: suspicious.embedded external content
40.0@685459: suspicious.embedded external content
41.0@685751: suspicious.embedded external content
42.0@686043: suspicious.embedded external content
43.0@686335: suspicious.embedded external content
05400a27a9ce8f98cbea62298a378c7a view report Stuvia-464921-unit-18-creative-product-promotion (2).pdf 694290 39        
5.0@675244: suspicious.embedded external content
6.0@675535: suspicious.embedded external content
7.0@675826: suspicious.embedded external content
8.0@676117: suspicious.embedded external content
9.0@676408: suspicious.embedded external content
10.0@676699: suspicious.embedded external content
11.0@676991: suspicious.embedded external content
12.0@677283: suspicious.embedded external content
13.0@677575: suspicious.embedded external content
14.0@677867: suspicious.embedded external content
15.0@678159: suspicious.embedded external content
16.0@678451: suspicious.embedded external content
17.0@678743: suspicious.embedded external content
18.0@679035: suspicious.embedded external content
19.0@679327: suspicious.embedded external content
20.0@679619: suspicious.embedded external content
21.0@679911: suspicious.embedded external content
22.0@680203: suspicious.embedded external content
23.0@680495: suspicious.embedded external content
24.0@680787: suspicious.embedded external content
25.0@681079: suspicious.embedded external content
26.0@681371: suspicious.embedded external content
27.0@681663: suspicious.embedded external content
28.0@681955: suspicious.embedded external content
29.0@682247: suspicious.embedded external content
30.0@682539: suspicious.embedded external content
31.0@682831: suspicious.embedded external content
32.0@683123: suspicious.embedded external content
33.0@683415: suspicious.embedded external content
34.0@683707: suspicious.embedded external content
35.0@683999: suspicious.embedded external content
36.0@684291: suspicious.embedded external content
37.0@684583: suspicious.embedded external content
38.0@684875: suspicious.embedded external content
39.0@685167: suspicious.embedded external content
40.0@685459: suspicious.embedded external content
41.0@685751: suspicious.embedded external content
42.0@686043: suspicious.embedded external content
43.0@686335: suspicious.embedded external content
4632c15b61c6883331b735f6a40d8a1a view report W4 Federal Tax Form 2019 VW.pdf 151004 12 J      
13.0@37336: suspicious.javascript in XFA block
13.0@37336: suspicious.warning: object contains JavaScript
1046.0@81271: suspicious.warning: object contains JavaScript
1047.0@81749: suspicious.warning: object contains JavaScript
1048.0@82096: suspicious.warning: object contains JavaScript