In the last few days I have done some analysis on malicious documents, especially PDFs. Then I thought, “Why not turn a PDF analysis into an article?”
Let’s go to our case study:
I received a scan request for a PDF file that had been reported to an antivirus vendor’s support, which replied that the file was not malicious. Because the manufacturer’s analysis was not satisfactory, the team responsible for handling the incident requested a second opinion, since other antivirus tools reported the document as malicious. The team needed evidence to prove the risk involved in the file.
While conducting an initial analysis on the file, I identified that it had something suspicious: