EXPL_PIDIEF.O - Description and solution

TrendLabs Malware Blog

Glossary

TrendWatch

TrendLabs Twitter

EXPL_PIDIEF.O

Overview

Solution

Technical Details

Malware type: Exploit

Aliases: Exploit-PDF.b (McAfee), Trojan.Pidief.C (Symantec), HTML/Shellcode.Gen (Avira), Mal/JSShell-B (Sophos), Exploit:Win32/Pdfjsc.A (Microsoft)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:
Damage potential:		Medium
Distribution potential:		Low

Infection Channel 1 : Spammed via email

Description:

Trend Micro threat researchers post findings and analyses on various threats in real-time at the Malware Blog. Users can find more information about this specific threat here.

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

EXPL_PIDIEF.O Behavior Diagram

Malware Overview

This exploit arrives as attachment to email messages spammed by another malware or a malicious user.

This is the Trend Micro detection for an exploit code that takes advantage of multiple vulnerabilities in versions of Adobe Reader earlier than 8.1.2. For more information on the said vulnerabilities, please refer to the following Web page:

CVE-2008-0655

Upon successful exploitation, this malware connects to a certain IP address to download a possibly malicious file. As a result, routines of the downloaded file may be executed on the affected system. However, as of this writing, the said IP address is unavailable.

For additional information about this threat, see:
Solution
Technical Details

Description created: Feb. 10, 2008 7:21:34 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.