Digital investigation of malicious backdoor PDF
In this post we are going to investigate a malicious PDF file. As we all know, a PDF file can be infected with embedded objects, JavaScript code or encoded streams to exploit the PDF reader, and these days this type of attack is happening very often. We are receiving these types of infected PDFs very often through email or other communication services.

Basics of PDF Structure

Before we begin investigating our PDF, we first need to know some basics of the PDF file format, which we will need to understand the analysis. A PDF contains four parts:

1. "Header", which contains information about the PDF version.
2. "Body", which contains objects that define the operations performed by the file and embedded data such as scripting code, images, text, etc.
3. "Cross-reference table", which lists the offsets of the objects inside the file that will be rendered by the PDF reader.
4. "Trailer", which describes the location of certain objects inside the body of the PDF and the location of the cross-refe...
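As an added example (not code from the original post), here is a small Python triage script that walks the four parts described above on a constructed sample PDF: it reads the version from the header, enumerates the body objects, resolves the trailer's /Root and startxref, checks that startxref really points at the cross-reference table, and flags objects carrying names associated with script code, automatic actions and embedded data. The sample file and the list of suspicious names are my own assumptions, not taken from the post.

```python
import re

# Constructed sample (not from the post): a minimal PDF whose catalog's
# /OpenAction points at a JavaScript action object. The startxref value is
# computed from the body length so the pointer is consistent.
SAMPLE_BODY = b"""%PDF-1.7
1 0 obj
<< /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >>
endobj
2 0 obj
<< /Type /Pages /Kids [3 0 R] /Count 1 >>
endobj
3 0 obj
<< /Type /Page /Parent 2 0 R >>
endobj
4 0 obj
<< /S /JavaScript /JS (app.alert('hello')) >>
endobj
"""
SAMPLE_PDF = SAMPLE_BODY + (b"xref\n0 5\n0000000000 65535 f \n"
                            b"trailer\n<< /Size 5 /Root 1 0 R >>\n"
                            b"startxref\n%d\n%%%%EOF\n" % len(SAMPLE_BODY))

# Names worth a second look in triage: script code, auto-run actions, embedded data.
SUSPICIOUS_NAMES = (b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch",
                    b"/EmbeddedFile", b"/RichMedia", b"/ObjStm")
OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj(.*?)endobj", re.S)

def parse_pdf(data: bytes) -> dict:
    """Locate the header, body objects, xref and trailer; flag risky objects."""
    m = re.match(rb"%PDF-(\d\.\d)", data)
    version = m.group(1).decode() if m else None
    objects = {int(num): body for num, _gen, body in OBJ_RE.findall(data)}
    # Trailer dict sits between 'trailer' and 'startxref' (non-nested dicts only).
    trailer = re.search(rb"trailer\s*(<<.*?>>)", data, re.S)
    root = re.search(rb"/Root\s+(\d+)\s+\d+\s+R", trailer.group(1)) if trailer else None
    sx = re.search(rb"startxref\s+(\d+)", data)
    xref_offset = int(sx.group(1)) if sx else None
    # A startxref that does not land on the 'xref' keyword indicates a malformed
    # or tampered file, which is itself worth recording during triage.
    xref_ok = xref_offset is not None and data[xref_offset:xref_offset + 4] == b"xref"
    flagged = {num: [n.decode() for n in SUSPICIOUS_NAMES if n in body]
               for num, body in objects.items()
               if any(n in body for n in SUSPICIOUS_NAMES)}
    return {"version": version, "object_count": len(objects),
            "root_object": int(root.group(1)) if root else None,
            "xref_offset": xref_offset, "xref_at_offset": xref_ok,
            "flagged": flagged}
```

Run `parse_pdf(SAMPLE_PDF)` to see object 1 flagged for /OpenAction and object 4 for /JavaScript and /JS; the regex-based splitting is deliberately minimal and will not handle compressed object streams or nested trailer dictionaries.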