Content
Exploit-PDF.i
- Type
- Trojan
- SubType
- Exploit
- Discovery Date
- 01/19/2009
- Length
- Varies
- Minimum DAT
- 5500 (01/19/2009)
- Updated DAT
- 6528 (11/12/2011)
- Minimum Engine
- 5.2.00
- Description Added
- 01/19/2009
- Description Modified
- 02/13/2009 3:22 AM (PT)
Tab Navigation
Characteristics
This detection covers trojan in the form of *.PDF files that attempts to exploit a vulnerability in Adobe Reader.
When successful, the following files are dropped and installed:
- %UserProfile%\Local Settings\Temp\svchost.exe (Backdoor-DTJ trojan)
- %UserProfile%\Local Settings\Temp\temp.exe (Generic Dropper.ck trojan)
(Where %UserProfile% is the Windows user profile folder, e.g. C:\Documents and Settings\USER, %SystemDir% is the Windows system folder, e.g. C:\Windows\System32)
Symptoms
Method of Infection
The malicious PDF file may be sent via e-mail or downloaded from a remote site.
Removal
Variants
Variants
N/A
All Information
Overview -
This detection covers trojan in the form of *.PDF files that attempts to exploit a vulnerability in Adobe Reader.
Characteristics
Characteristics -
This detection covers trojan in the form of *.PDF files that attempts to exploit a vulnerability in Adobe Reader.
When successful, the following files are dropped and installed:
- %UserProfile%\Local Settings\Temp\svchost.exe (Backdoor-DTJ trojan)
- %UserProfile%\Local Settings\Temp\temp.exe (Generic Dropper.ck trojan)
(Where %UserProfile% is the Windows user profile folder, e.g. C:\Documents and Settings\USER, %SystemDir% is the Windows system folder, e.g. C:\Windows\System32)
Symptoms
Symptoms -
Method of Infection
Method of Infection -
The malicious PDF file may be sent via e-mail or downloaded from a remote site.
Removal -
Removal -
Variants
Variants -
N/A