Author Topic: Need help analyzing these 3 malicious PDF  (Read 4463 times)

0 Members and 1 Guest are viewing this topic.

October 13, 2009, 09:20:37 am
Read 4463 times


  • Jr. Member

  • Offline
  • **

  • 13

I was getting a hard time to analyze 3 malicious PDF files.
I've tried using pdf-parser (by didiers) and inflater (by bobby) and also from my own ruby script using pdftoolkit.
I cannot deflate the PDF which makes me stuck on getting the deobfuscated JavaScript and shellcode.

Need help from anyone to analyze these 3 PDF files, and if possible to share how you decode the encoded PDF stream.

Password for zip file : infected

Thank you in advance

October 19, 2009, 07:08:26 pm
Reply #1


  • Sr. Member

  • Offline
  • ****

  • 179
Just try running it through wepawet?


Tries to download: