Home / malwarePDF  


First posted on 11 April 2019.
Source: Microsoft

Aliases :

Exploit:Win32/Pdfjsc.ALA is also known as Exploit.JS.Pdfka.gkz, generic/Pdfjsc.DZ, PDF:Exploit.PDF-JS.AEV, JS/Pdfka.GKZ!exploit, JS.Pdfka, Suspicious-PDF.gen.

Explanation :


You might get Exploit:Win32/Pdfjsc.ALA if you visit a malicious website, or a website that's been hacked. It runs successfully on your PC if you have a version of Adobe Acrobat or Adobe Reader affected by the vulnerability discussed in CVE-2010-0188.


Downloads files

If Exploit:Win32/Pdfjsc.ALA successfully exploits a vulnerable PC, it tries to download and run files.

In the wild, we've observed Exploit:Win32/Pdfjsc.ALA trying to download files from this site:


As of this writing, the site is unavailable.

Analysis by Daniel Chipiristeanu

Last update 11 April 2019