Search
Keyword: PDF_FAREIT
We have observed a recent spike in spam in Russian language. The spammed message delivers a SHADE ransomware variant via embedded link in the attached .PDF. Upon investigation, this campaign used
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This malware is involved in certain targeted attacks that took place on March 2013. It drops and opens non-malicious document files to hide its backdoor routines. Users affected by this malware may
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
' JavaScript Method Remote Code Execution Vulnerability Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability Adobe Multiple Products PDF JavaScript Method Buffer
Trend Micro has received multiple samples of this worm from multiple, independent sources, including customer reports and internal sources. These indicate that this worm poses a high risk to users
This Trojan opens non-malicious .PDF files for users not to suspect any malicious activity in the system. This Trojan arrives as an attachment to email messages spammed by other malware/grayware or
\Software\ElcomSoft HKEY_CURRENT_USER\Software\ElcomSoft\ Advanced PDF Password Recovery HKEY_CURRENT_USER\Software\ElcomSoft\ Advanced PDF Password Recovery\Language HKEY_CURRENT_USER\Software\ElcomSoft
Trend Micro detection for: PDF files that presents the user a fake message tricking them to click embedded link. NOTES: Upon execution of the file, the user is presented with a fake message (see below)
}gingayam.co.id/wp-admin/vmsi/index.html It does the following: When users click the link on the PDF file, it accesses the said URL which is a phishing site. This routine risks the exposure of the user's account information, which may then
), Windows Server 2008, and Windows Server 2012.) Other Details This Trojan does the following: It deletes the created folder and drop file once PDF file has been closed. Trojan.PDF.Agent.CW
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. Arrival Details This Trojan arrives as an attachment to email messages spammed by other
malware/grayware or malicious users. NOTES: This is the Trend Micro detection for PDF files that contains a malicious link. Once the link on the document file is opened, a browser will be opened and redirected to
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
for PDF files which show fake messages when opened. The files require the user to click the image on the PDF file. Once clicked, it will access a URL.
}.ng/wp-admin/css/colors/light/Adobe/index.php It does the following: When users click the link on the PDF file, it accesses the said URL which is a phishing site, asking to fill out data to be stolen. Trojan.PDF.Phishing (Ikarus);
are exhibited on the affected system. NOTES: It takes advantage of a zero-day vulnerability in the following software to drop malicious files: Adobe PDF Reader 9 Adobe PDF Reader 10 Adobe PDF Reader 11