
Exploit:Win32/Pdfjsc.ALA


First posted on 11 April 2019.
Source: Microsoft

Aliases:

Exploit:Win32/Pdfjsc.ALA is also known as Exploit.JS.Pdfka.gkz, generic/Pdfjsc.DZ, PDF:Exploit.PDF-JS.AEV, JS/Pdfka.GKZ!exploit, JS.Pdfka, Suspicious-PDF.gen.

Explanation:

Installation

You might get Exploit:Win32/Pdfjsc.ALA if you visit a malicious website, or a website that's been hacked. It runs successfully on your PC if you have a version of Adobe Acrobat or Adobe Reader affected by the vulnerability discussed in CVE-2010-0188.

Payload

Downloads files

If Exploit:Win32/Pdfjsc.ALA successfully exploits a vulnerable PC, it tries to download and run files.

In the wild, we've observed Exploit:Win32/Pdfjsc.ALA trying to download files from this site:

oeyhrg.webbipolar.biz

As of this writing, the site is unavailable.

Analysis by Daniel Chipiristeanu

Last update 11 April 2019

 
