PDF_PHISH.FOFC
ALIASES:
Trojan.PDF.Phishing.LT (BitDefender), PDF/Phishing.Agent.BCV (ESET-NOD32)
PLATFORM:
Windows
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
INFORMATION EXPOSURE:
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
TECHNICAL DETAILS
File Size:
165,150 bytes
File Type: PDF
Initial Samples Received Date:
31 May 2017
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Other Details
This Trojan connects to the following possibly malicious URL:
- https://{BLOCKED}gingayam.co.id/wp-admin/vmsi/index.html
It does the following:
- When users click the link on the PDF file, it accesses the said URL which is a phishing site. This routine risks the exposure of the user's account information, which may then lead to the unauthorized use of the stolen data.