Troj/PDFJs-WT

Category:	Viruses and Spyware	Protection available since:	22 Mar 2012 16:06:32 (GMT)
Type:	Trojan	Last Updated:	22 Mar 2012 16:06:32 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/PDFJs-WT exploits CVE-2010-2883.

Examples of Troj/PDFJs-WT include:

Example 1

File Information

Size: 37K
SHA-1: a3caae91440608ffe3dcb4872c9830ad835dd036
MD5: 6cc2a162e08836f7d50d461a9fc136fe
CRC-32: 81994c2c
File type: Adobe Portable Document Format
First seen: 2010-10-18

Other vendor detection

Kaspersky: Exploit.JS.Pdfka.cyy

Runtime Analysis

Dropped Files

c:\Documents and Settings\test user\Local Settings\Temp\AcrA285.tmp
Size
358
SHA-1
892ae38efcb6f623310c62795e62b9a9de8c8c65
MD5
2a2e9413a9f021dc618d4315bb34f105
CRC-32
fee7d1d6
File type
application/pdf
First seen
2012-03-22
c:\Documents and Settings\test user\Local Settings\Temp\WERec72.dir00\AcroRd32.exe.mdmp
Size
190K
SHA-1
02697c66c1c4d6245193fab3c7bd7d2960f3fbea
MD5
b2d726509b07f53ec0ab1eca05d34bc0
CRC-32
e94e4b7b
File type
application/octet-stream
First seen
2012-03-22
c:\Documents and Settings\test user\Local Settings\Temp\WERec72.dir00\AcroRd32.exe.hdmp
Size
39M
SHA-1
99c3b5a19590d98f8d203b84ad49b6a99b4b7bd4
MD5
cc009083734053596f3735b3ab8a33fd
CRC-32
ea21f2ac
File type
application/octet-stream
First seen
2012-03-22

Processes Created

c:\program files\adobe\reader 8.0\reader\acrord32.exe
c:\windows\system32\dumprep.exe

Example 2

File Information

Size: 2.0M
SHA-1: 38d5bd8a618907195d9a9f7d1d143a43d359085e
MD5: b196fe9d8aa9a1997591f8622d952b66
CRC-32: 4cbecd59
File type: application/pdf
First seen: 2012-01-10

Example 3

Other vendor detection

Kaspersky: Exploit.Win32.CVE-2010-2883.a

Download
Sophos Home

Free business-grade security for the home.