Search
Keyword: PDF_FAREIT
This is a specially crafted PDF which takes advantage of a recent vulnerability in Adobe (CVE-2013-0641) to drop MiniDuke malware. To get a one-glance comprehensive view of the behavior of this
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
Trend Micro has received multiple samples of this worm from multiple, independent sources, including customer reports and internal sources. These indicate that this worm poses a high risk to users
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
affected SharePoint server. The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests. CVE-2017-8737 | Microsoft PDF Remote Code Execution
CVE-2009-2169 Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
DisplayName = "Renee PDF Aide 2016.10.13.71" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ {GUID}_is1 UninstallString = "%Program Files%\Rene.E Laboratory\PDFAide\unins000.exe
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
image in the malicious pdf file. Trojan:PDF/Tnega.AL!MTB (Microsoft), Trojan-Downloader.PDF.Doc (Ikarus)
following URL(s) to download its component file(s): {BLOCKED}medrbopdrv.com/boostrap/p.pdf It saves the file as: %User Profile%/Downloads/Passport20231023_90223.pdf → serves as a decoy pdf file {BLOCKED
(64-bit).) It drops the following files: %System Root%\__tmp_rar_sfx_access_check_{Random} %System Root%\şirket-ruhsat.pdf.exe → information stealer %System Root%\BNG 824 ruhsat.pdf → serves as a decoy pdf
email, and an attachment that uses the current date as its name to pose as a normal file. But as previously mentioned, the PDF contains an .IQY file inside it. Users should be cautious when encountering
traditional security solutions may not have at the time of infection. Recently found variants, such as PE_URSNIF, also sport a unique evasion technique involving .PDF files: It “embeds” each PDF file it finds
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a