Search
Keyword: PDF_FAREIT
for PDF files which show fake messages when opened. The files require the user to click the image on the PDF file. Once clicked, it will access a URL.
}.ng/wp-admin/css/colors/light/Adobe/index.php It does the following: When users click the link on the PDF file, it accesses the said URL which is a phishing site, asking to fill out data to be stolen. Trojan.PDF.Phishing (Ikarus);
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
CVE-2009-2169 Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
\Software\ElcomSoft HKEY_CURRENT_USER\Software\ElcomSoft\ Advanced PDF Password Recovery HKEY_CURRENT_USER\Software\ElcomSoft\ Advanced PDF Password Recovery\Language HKEY_CURRENT_USER\Software\ElcomSoft
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
affected SharePoint server. The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests. CVE-2017-8737 | Microsoft PDF Remote Code Execution
DisplayName = "Renee PDF Aide 2016.10.13.71" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ {GUID}_is1 UninstallString = "%Program Files%\Rene.E Laboratory\PDFAide\unins000.exe
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
image in the malicious pdf file. Trojan:PDF/Tnega.AL!MTB (Microsoft), Trojan-Downloader.PDF.Doc (Ikarus)
following URL(s) to download its component file(s): {BLOCKED}medrbopdrv.com/boostrap/p.pdf It saves the file as: %User Profile%/Downloads/Passport20231023_90223.pdf → serves as a decoy pdf file {BLOCKED
(64-bit).) It drops the following files: %System Root%\__tmp_rar_sfx_access_check_{Random} %System Root%\şirket-ruhsat.pdf.exe → information stealer %System Root%\BNG 824 ruhsat.pdf → serves as a decoy pdf
email, and an attachment that uses the current date as its name to pose as a normal file. But as previously mentioned, the PDF contains an .IQY file inside it. Users should be cautious when encountering
traditional security solutions may not have at the time of infection. Recently found variants, such as PE_URSNIF, also sport a unique evasion technique involving .PDF files: It “embeds” each PDF file it finds
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a