Home / malware
First posted on 01 May 2020.
Exploit:Win32/Pdfjsc.YP is also known as Exploit.JS.Pdfka.fhr, Exploit.PDF-JS.BN, Exploit.PDF.2645, JS/Exploit.Pdfka.PFU trojan, PDF.Exploit, Exploit.JS.Pdfka.fhr, Troj/PDFEx-ET.
Exploit:Win32/Pdfjsc.YP is a specially-crafted Portable Document Format (PDF) file that exploits a vulnerability in Adobe Acrobat and Adobe Reader described in the following articles:
Exploit:Win32/Pdfjsc.YP is known to be part of the "Blackhole" malware distribution kit.
Some of the servers it is known to connect to are:
eatingmyglasses.com cr dret.ru
The file is then saved in the computer as "wpbt0.dll".
As of this writing, the files are no longer available.
Analysis by Daniel Chipiristeanu
Last update 01 May 2020