Home / malware
First posted on 11 April 2019.
Exploit:Win32/Pdfjsc.ALA is also known as Exploit.JS.Pdfka.gkz, generic/Pdfjsc.DZ, PDF:Exploit.PDF-JS.AEV, JS/Pdfka.GKZ!exploit, JS.Pdfka, Suspicious-PDF.gen.
You might get Exploit:Win32/Pdfjsc.ALA if you visit a malicious website, or a website that's been hacked. It runs successfully on your PC if you have a version of Adobe Acrobat or Adobe Reader affected by the vulnerability discussed in CVE-2010-0188.
If Exploit:Win32/Pdfjsc.ALA successfully exploits a vulnerable PC, it tries to download and run files.
In the wild, we've observed Exploit:Win32/Pdfjsc.ALA trying to download files from this site:
As of this writing, the site is unavailable.
Analysis by Daniel Chipiristeanu
Last update 11 April 2019