Exploit:JS/Pdfka.TI is an exploit that can take advantage of two vulnerabilities in a single PDF file in order to download malicious binary files (usually Trojan-Downloader:W32/Bredolab variants) onto the system.
Based on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the detected program or file, or ask you for a desired action.
Find the latest advice in our Community Knowledge Base.
See the manual for your F-Secure product on the Help Center.
Submit a file or URL for further analysis.
The vulnerabilities exploited are:
Adobe Reader and Acrobat versions 8.1.2 and earlier are affected by the vulnerabilities exploited by this malware.
Once the vulnerabilities are exploited, binary files are downloaded from:
The downloaded files are saved in the Temporary directory using the following filenames:
The files are then executed.