Home / malware

PDF

Trojan:PDF/Tetomek.A

First posted on 29 April 2017.
Source: Microsoft

Aliases :

There are no other names known for Trojan:PDF/Tetomek.A.

Explanation :

Installation
This trojan typically arrives as a file attachment to a spam email message. We have observed that it uses this filename as file attachment: Document_77785661_NI_NSO___77785661.pdf



This malware uses a social engineering method by luring the recipient to click on the hyperlink in its content.

We have observed it use the following URL:

hxxp://markantic.com/view-pdf-HEKF-42754-oyI/

Payload

Clicking the hyperlink leads to download a JavaScript malware TrojanDownloader:JS/Tetomek.A.





Analysis by Jonathan San Jose

Last update 29 April 2017

 

TOP