contagio malware exchange: 011 CVE-2010-0188 PDF - with decided JS (thanks to Villy)

About contagio exchange

CONTAGIO EXCHANGE Contagio exchange was created to absorb malware samples shared by readers of Contagio. This is meant to be a community driven malware collection.

Edit Aug 2013 - The community is busy and Mila too so this was not a very active site (my fault probably) so I will be just dumping malware strings here - it often helps in malware identification and googling is the best way.

With just strings, not exactly a fun blog to read but might become s useful resource over time.

I will not be posting samples here, just md5. You can find the corresponding samples on contagio or ping me if you can't find

P.S. Robot pictures delivered by Robohash.com (generated from file hashes)

Thursday, March 22, 2012

011 CVE-2010-0188 PDF - with decided JS (thanks to Villy) - Mar 2012

MD5 B9E21C8ADFB5A3844CC2991ECBE0378C
Virustotal 8 / 41
Decoding help http://www.hashemian.com/tools/html-url-encode-decode.php
Sample credit: thanks to anonymous donation

Download (pass infected)

SHA256:     0638324b80aaa7d185f353fd4d5436d70845d648e62791e60cdc1626359c05cc
SHA1:     6bf714ac9dd12d0bfd06ac6377a0658d7c54e046
MD5:     b9e21c8adfb5a3844cc2991ecbe0378c
File size:     16.6 KB ( 17029 bytes )
File name:     1214934.pdf
File type:     PDF
Detection ratio:     8 / 41
Analysis date:     2012-03-22 11:47:54 UTC ( 1 minute ago )
Avast     PDF:ContEx [Heur]     20120320
AVG     Script/PDF.Exploit     20120322
Kaspersky     Exploit.JS.Pdfka.fpt     20120322
Microsoft     Exploit:Win32/Pdfjsc.AAX     20120322
NOD32     JS/Exploit.Pdfka.PJC.Gen     20120322
Sophos     Troj/PDFJs-WR     20120322